Cryptographic communication system and cryptographic communication method

ABSTRACT

Provided is a cryptographic communication system including a first semiconductor device and a second semiconductor device. The first semiconductor device includes a common key generation unit that generates a common key CK(a) by using a unique code UC(a) and correction data CD(a), and an encryption unit that encrypts the common key CK(a) generated in the common key generation unit by using a public key PK(b) of the second semiconductor device. The second semiconductor device includes a secret key generation unit that generates a secret key SK(b) by using a unique code UC(b) and correction data CD(b), and a decryption unit that decrypts the common key CK(a) encrypted in the encryption unit by using the secret key SK(b).

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is based upon and claims the benefit of priority fromJapanese Patent Applications Nos. 2011-136131 filed on Jun. 20, 2011,2011-136132 filed on Jun. 20, 2011, and 2012-076387 filed on Mar. 29,2012, the disclosures of which are incorporated herein in its entiretyby reference.

BACKGROUND

The present invention relates to a cryptographic communication systemand a cryptographic communication method and, particularly, to acryptographic communication system and a cryptographic communicationmethod that enhance security.

In a communication system, communication data is encrypted to preventwiretapping, falsification and the like of the communication data. Oneof techniques for the encryption is common key cryptosystem in whichboth ends of communication use a common encryption key (which isreferred to hereinafter as a common key). In the common keycryptosystem, it is necessary for both ends of communication to sharethe common key without a third party knowing. One of techniques toachieve that is public key cryptosystem using RSA (registeredtrademark), elliptic curve cryptography and the like.

A technique to provide an integrated circuit that can prevent use of anillegally copied IC is disclosed in Japanese Unexamined PatentApplication Publication No. 2010-226603. A technique to generate asecurity word such as RSA public key or secret key using a circuit forgenerating unique data that is physically uncopyable or another elementto thereby ensure security of an integrated circuit used in electronicequipment is disclosed in Japanese Unexamined Patent ApplicationPublication (Translation of PCT Application) No. 2010-527219.

Further, a technique to reduce time for key exchange in a communicationsystem to perform cryptographic communication using a common encryptionkey through a local area network is disclosed in Japanese UnexaminedPatent Application Publication No. 2005-341528. A technique to easilyverify completeness of data in data transmission/reception by ad-hocwireless connection is disclosed in Japanese Unexamined PatentApplication Publication No. 2002-26899.

SUMMARY

For example, in the case of performing cryptographic communication usinga common key CK(x) between a semiconductor device ICx and asemiconductor device ICy, the common key CK(x) needs to be sharedbetween ICx and ICy. When ICx has the common key CK(x), ICx encrypts thecommon key CK(x) using a public key PK(y) of ICy acquired in advance andtransmits the encrypted common key CK(x)′ to ICy. Then, ICy decrypts theencrypted common key CK(x)′ using a secret key SK(y) of ICy and therebyacquires the common key CK(x). In this manner, by transmitting thecommon key CK(x) from ICx to ICy using the public key cryptosystem, itis possible to share the common key CK(x) between ICx and ICy without athird party knowing. Thus, cryptographic communication can be performedbetween ICx and ICy using the common key cryptosystem.

At the time of transmitting the common key CK(x) from ICx to ICy,information of the common key CK(x) is not leaked to a third partybecause the common key CK(x) is encrypted. However, because importantdata such as the common key CK(x) and the secret key SK(y) are stored ina nonvolatile memory of the semiconductor devices (semiconductor chips)ICx and ICy. Therefore, if unauthorized analysis of the semiconductordevice is made, leakage of the important data such as the common keyCK(x) and the secret key SK(y) occurs.

Further, in the case of adding a semiconductor device ICz to thecryptographic communication system in which secure communication isestablished such as the semiconductor device ICx and the semiconductordevice ICy described above, it is necessary to verify whether thesemiconductor device ICz to be added is a proper semiconductor device.However, in order to verify whether the semiconductor device ICz to beadded is a proper semiconductor device, it is necessary to incorporatean expensive secure server, for example, into the cryptographiccommunication system. This causes an increase in costs of thecryptographic communication system.

A cryptographic communication system according to an aspect of thepresent invention includes a first semiconductor device and a secondsemiconductor device. The first semiconductor device generates a commonkey by using a first unique code that is a unique code arising fromprocess variation or the like of the first semiconductor device andfirst correction data for correcting the first unique code, encrypts thecommon key by using a public key, and transmits the encrypted common keyto the second semiconductor device. The second semiconductor devicegenerates a secret key of the second semiconductor device by using asecond unique code that is a unique code arising from process variationor the like of the second semiconductor device and second correctiondata for correcting the second unique code, and decrypts the encryptedcommon key transmitted from the first semiconductor device by using thesecret key. By this operation, the first semiconductor device and thesecond semiconductor device have the same common key, thus achievinghighly secure communication with the common key.

A cryptographic communication system according to an aspect of thepresent invention includes a first semiconductor device and a secondsemiconductor device. The first semiconductor device generates a secretkey of the first semiconductor device by using a first unique code thatis a unique code arising from process variation or the like of the firstsemiconductor device and first correction data for correcting the firstunique code, generates signature data by using the secret key and aplain text, and transmits the signature data to the second semiconductordevice. The second semiconductor device generates verification data byusing the transmitted signature data and a public key of the firstsemiconductor device and compares the verification data with the plaintext to determine whether the first semiconductor device has a secretkey. By this operation, the first semiconductor device does not need todirectly store the secret key, which is important data, therebyimproving security for digital signature between the first semiconductordevice and the second semiconductor device.

In the above aspect, the public key of the first semiconductor devicemay be generated using a second unique code that is a unique codearising from process variation or the like of the second semiconductordevice and second correction data for correcting the second unique code.

A cryptographic communication system according to an aspect of thepresent invention includes first to third semiconductor devices. Thethird semiconductor device supplies first correction data for correctinga first unique code to the first semiconductor device, and the firstsemiconductor device generates a common key by using a first unique codethat is a unique code arising from process variation or the like of thefirst semiconductor device and the first correction data supplied fromthe third semiconductor device. Further, the third semiconductor devicesupplies second correction data for correcting a second unique code tothe second semiconductor device, and the second semiconductor devicegenerates a common key by using a second unique code that is a uniquecode arising from process variation or the like of the secondsemiconductor device and the second correction data supplied from thethird semiconductor device. By this operation, the first semiconductordevice and the second semiconductor device have the same common key,thus achieving highly secure communication with the common key.

In the above aspect, the third semiconductor device may include adatabase that stores correction data associated with respectivesemiconductor devices and commons keys generated in the respectivesemiconductor device.

Further, the third semiconductor device may generate the firstcorrection data by using a first unique code that is a unique codearising from process variation or the like of the first semiconductordevice and a common key, and generate the second correction data byusing a second unique code that is a unique code arising from processvariation or the like of the second semiconductor and the common key.

Further, the third semiconductor device may generate the firstcorrection data by using a first unique code first unique code that is aunique code arising from process variation or the like of the firstsemiconductor device and a first common key, and generate the secondcorrection data by using a second unique code that is a unique codearising from process variation or the like of the second semiconductorand a second common key. In this case, the first semiconductor devicemay have the first common key, the second semiconductor device may havethe second common key, and the third semiconductor device may have thefirst and second common keys. Thus, the first semiconductor device andthe third semiconductor device can communicate using the first commonkey, the second semiconductor device and the third semiconductor devicecan communicate using the second common key, and the first semiconductordevice and the second semiconductor device can communicate through thethird semiconductor device.

A cryptographic communication system according to an aspect of thepresent invention includes a first semiconductor device and a secondsemiconductor device. The first semiconductor device generates a firstcommon key by using a first unique code that is a unique code arisingfrom process variation or the like of the first semiconductor device andfirst correction data for correcting the first unique code. Further, thefirst semiconductor device generates second correction data forcorrecting a second unique code by using a second unique code that is aunique code arising from process variation or the like of the secondsemiconductor and the first common key, and transmits the generatedsecond correction data to the second semiconductor device. The secondsemiconductor device generates a first common key by using the secondcorrection data generated in the first semiconductor device and thesecond unique code. By this operation, the first semiconductor deviceand the second semiconductor device have the same common key. Thus, thefirst semiconductor device and the second semiconductor device canperform highly secure communication using the first common key.

In the above aspect, the second semiconductor device may encrypt thesecond unique code by using a public key of the first semiconductordevice and transmit the encrypted second unique code to the firstsemiconductor device, and the first semiconductor device may decrypt theencrypted second unique code by using a secret key of the firstsemiconductor device.

Further, a cryptographic communication system according to an aspect ofthe present invention may include a server including a database thatstores public keys of respective semiconductor devices in associationwith the respective semiconductor devices. The second semiconductordevice then generates signature data by using a secret key of the secondsemiconductor device and a plain text, and transmits the signature datato the first semiconductor device. The first semiconductor devicegenerates verification data by using a public key of the secondsemiconductor device transmitted from the server and the signature datatransmitted from the second semiconductor device and compares theverification data with the plain text to determine whether the secondsemiconductor device has a secret key.

Further, the second semiconductor device may encrypt a correction datageneration program for generating second correction data using the firstcommon key and the second unique code by using the public key of thefirst semiconductor device and transmit the encrypted correction datageneration program to the first semiconductor device. The firstsemiconductor device decrypts the encrypted correction data generationprogram and executes the decrypted correction data generation programand thereby generates the second correction data by using the firstcommon key and the second unique code.

Further, the first common key generation unit may generate a secondcommon key by using a first unique code that is a unique code arisingfrom process variation or the like of the first semiconductor device andthird correction data for correcting the first unique code. The firstsemiconductor device can thereby communicate with the secondsemiconductor device using the first common key and communicate with thethird semiconductor device using the second common key, and the secondsemiconductor device can communicate with the third semiconductor devicethrough the first semiconductor device.

Further, a cryptographic communication system according to an aspect ofthe present invention may be applied to a vehicle-mounted semiconductordevice.

According to the aspects of the present invention, it is possible toprovide a cryptographic communication system and a cryptographiccommunication method that enhance security. Further, according to theaspects of the present invention, it is possible to provide acryptographic communication system and a cryptographic communicationmethod that can easily add a semiconductor device to the cryptographiccommunication system in which secure communication is performed.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects, advantages and features will be moreapparent from the following description of certain embodiments taken inconjunction with the accompanying drawings, in which:

FIG. 1 is a block diagram showing a cryptographic communication systemaccording to a first embodiment;

FIG. 2 is a flowchart to explain an operation of the cryptographiccommunication system according to the first embodiment;

FIG. 3 is a flowchart to explain an operation of a common key generationunit;

FIG. 4 is a table showing an example of a unique code processed in thecommon key generation unit;

FIG. 5 is a block diagram showing a cryptographic communication systemaccording to a second embodiment;

FIG. 6 is a flowchart to explain an operation of the cryptographiccommunication system according to the second embodiment;

FIG. 7 is a block diagram showing a cryptographic communication systemaccording to a third embodiment;

FIG. 8 is a flowchart to explain an operation of the cryptographiccommunication system according to the third embodiment;

FIG. 9 is a block diagram showing a cryptographic communication systemaccording to a fourth embodiment;

FIG. 10 is a table showing an example of data stored in a database ofthe cryptographic communication system according to the fourthembodiment;

FIG. 11 is a flowchart to explain an operation of the cryptographiccommunication system according to the fourth embodiment;

FIG. 12 is a block diagram showing a cryptographic communication systemaccording to a fifth embodiment;

FIG. 13 is a flowchart to explain an operation of the cryptographiccommunication system according to the fifth embodiment;

FIG. 14 is a flowchart to explain an operation of a correction datageneration unit;

FIG. 15 is a block diagram showing a cryptographic communication systemaccording to a sixth embodiment;

FIG. 16 is a flowchart to explain an operation of the cryptographiccommunication system according to the sixth embodiment;

FIG. 17 is a block diagram showing a case where the cryptographiccommunication system according to the first to sixth embodiment isapplied to a vehicle-mounted semiconductor device;

FIG. 18 is a block diagram showing a cryptographic communication systemaccording to an eighth embodiment;

FIG. 19 is a flowchart to explain an operation of the cryptographiccommunication system according to the eighth embodiment;

FIG. 20 is a flowchart to explain an operation of a common keygeneration unit;

FIG. 21 is a table showing an example of a unique code processed in thecommon key generation unit;

FIG. 22 is a flowchart to explain an operation of a correction datageneration unit;

FIG. 23 is a diagram showing a case where correction data is generatedusing a plurality of semiconductor devices;

FIG. 24 is a block diagram showing a cryptographic communication systemaccording to a ninth embodiment;

FIG. 25 is a flowchart to explain an operation of the cryptographiccommunication system according to the ninth embodiment;

FIG. 26 is a block diagram showing a cryptographic communication systemaccording to a tenth embodiment;

FIG. 27 is a flowchart to explain an operation of the cryptographiccommunication system according to the tenth embodiment;

FIG. 28 is a block diagram showing a cryptographic communication systemaccording to an eleventh embodiment;

FIG. 29 is a flowchart to explain an operation of the cryptographiccommunication system according to the eleventh embodiment;

FIG. 30 is a block diagram showing a cryptographic communication systemaccording to a twelfth embodiment;

FIG. 31 is a flowchart to explain an operation of the cryptographiccommunication system according to the twelfth embodiment;

FIG. 32 is a block diagram showing a configuration of the cryptographiccommunication system according to the twelfth embodiment; and

FIG. 33 is a block diagram showing a case where the cryptographiccommunication system according to the eighth to twelfth embodiment isapplied to a vehicle-mounted semiconductor device.

DETAILED DESCRIPTION First Embodiment

Embodiments of the present invention are described hereinafter withreference to the drawings.

FIG. 1 is a block diagram showing a cryptographic communication systemaccording to a first embodiment. The cryptographic communication system1 according to this embodiment includes a semiconductor device ICa(first semiconductor device) 10 and a semiconductor device ICb (secondsemiconductor device) 20. The semiconductor device 10 includes a uniquecode generation unit 11, a storage unit 12, a common key generation unit13, and an encryption unit 14.

The unique code generation unit 11 generates a unique code (first uniquecode) UC(a) having a value unique to the semiconductor device 10 andcontaining a random error and outputs it to the common key generationunit 13. The unique code UC(a) is a value determined by physicalproperties inherent to an element included in the semiconductor device10. For example, the unique code generation unit 11 may generate theunique code UC(a) using a value at startup of a memory element includedin the semiconductor device 10. The unique code is a code generatedusing the property that actually fabricated ICs vary despite that thedesign of the ICs is the same. This technique is called PUF (PhysicalUnclonable Function), and it is a technique that, even when a pluralityof ICs having the same circuit are fabricated at a time on onesemiconductor wafer by the same fabrication device, generates uniquecodes for the respective ICs and further makes the ICs unclonable. Useof this technique achieves effective concealment of data without a needfor special hardware such as a tamper-resistant chip.

The storage unit 12 can store correction data (first correction data)CD(a), a common key CK(a) generated in the common key generation unit13, and a public key PK(b) of the semiconductor device 20. The storageunit 12 includes a volatile memory (for example, SRAM) and a nonvolatilememory (for example, flash memory), for example, and the correction dataCD(a) and the public key PK(b) are stored in the nonvolatile memory, andthe common key CK(a) is stored in the volatile memory. Thus, althoughthe storage unit 12 temporarily stores the common key CK(a), informationof the common key CK(a) is erased when the semiconductor device 10 ispowered off. Note that the common key CK(a) may be stored in thenonvolatile memory according to need after taking security measures suchas encryption, and measures such as erasing data by writing at power-offof the semiconductor device 10 may be done on the common key CK(a)stored in the nonvolatile memory.

The common key generation unit 13 generates the common key CK(a) usingthe unique code UC(a) output from the unique code generation unit 11 andthe correction data CD(a) stored in the storage unit 12.

The unique code UC(a) generated in the unique code generation unit 11 isdata containing bit values that vary depending on external factorsduring generation of the unique code, such as temperature and voltage,for example. Therefore, the unique code UC(a) generated in the uniquecode generation unit 11 contains three types of bits: (1) bits with astable value, (2) bits with high variability (i.e. bits with arelatively large variation in value) and (3) bits with low variability(i.e. bits with a relatively small variation in value). In this manner,the unique code UC(a) generated in the unique code generation unit 11contains (2) bits with high variability and (3) bits with lowvariability. Accordingly, the unique code UC(a) has different valueseach time generated.

The bit with high variability can be found in the fabrication process.Thus, by making each bit decision during the fabrication process, maskdata to mask the bit with high variability can be created. By maskingthe unique code UC(a) generated in the unique code generation unit 11using the mask data, the bit with high variability contained in theunique code UC(a) can be eliminated. Because the position of the bitwith high variability differs from device to device, the mask data isdata unique to the semiconductor device.

On the other hand, the bit with low variability varies due to externalfactors, remaining charges and the like, and it is thus difficult tomake estimation. Therefore, the bit with low variability is processedusing an ECC code, such as BCH code or Reed-Solomon code, generatedduring fabrication. An operation of the common key generation unit 13 isspecifically described hereinafter.

FIG. 3 is a flowchart to explain an operation of the common keygeneration unit 13, and FIG. 4 is a table showing an example of a uniquecode processed in the common key generation unit 13. First, the commonkey generation unit 13 reads the unique code UC(a) from the unique codegeneration unit 11 (Step S11). The unique code UC(a) read in this stepis a unique code on which error correction for eliminating a bit with avariable value is not made.

Next, the common key generation unit 13 masks the read unique code UC(a)using the mask data contained in the correction data CD(a) (Step S12).The mask data is data for masking a bit with a high error rate having avariable bit value among the bits of the unique code UC(a). In theexample shown in FIG. 4, because the error rate of the first bit and thesixth bit of the unique code UC(a) is high, the mask data is “0”.Because the other bits are bits with a low error rate or bits with astable value, the mask data is “1”. In other words, the mask data forthe bit that needs to be masked is “0”, and the mask data for the bitthat does not need to be masked is “1”. By masking the unique code UC(a)using the mask data, masked unique code UC(a)′ in which the first bitand the sixth bit of the unique code UC(a) are eliminated can beobtained (the bits eliminated by masking are indicated by “X”). Afterthat, the masked unique code UC(a)′ is left-justified.

Then, using the ECC code (error correction code) contained in thecorrection data CD(a), the common key generation unit 13 makes acorrection to remove the error of the bit with a low degree ofvariability contained in the masked unique code UC(a)′, therebyobtaining a unique code UC(a)″ (Step S13). In the example shown in FIG.4, as a result that the masked unique code UC(a)′ is processed using theECC code, the first bit is corrected from “0” to “1”.

Then, the common key generation unit 13 performs a specified operationon the error-corrected unique code UC(a)″ using an operation parametercontained in the correction data CD(a) (Step S14). In the example shownin FIG. 4, NOT operation is performed on the error-corrected unique codeUC(a)″. The unique code UC(a) after this operation is the common keyCK(a). Note that the NOT operation is just one example, and anyoperation may be performed on the error-corrected unique code UC(a)″. Bychanging the operation parameter, it is possible to change the commonkey CK(a) according to need. Further, by performing a specifiedoperation on the error-corrected unique code UC(a)″ using the operationparameter, the common key CK(a) can be generated as a code that is notapparently similar to the unique code UC(a). This further enhances thesecurity level. Furthermore, the operation performed on theerror-corrected unique code UC(a)″ may be skipped. In this case, theunique code UC(a)″ processed using the mask data and the ECC code servesas the common key CK(a). The common key CK(a) generated in this manneris output to the storage unit 12 and the encryption unit 14.

Note that the mask code, the ECC code and the operation parametercontained in the correction data CD(a) are generated in advance asunique data of the semiconductor device 10 and stored in the storageunit 12. A method of generating the correction data CD(a) is describedlater (cf. fifth embodiment, FIG. 14). Further, in order to extract abit with high variability contained in the unique code UC(a) read fromthe unique code generation unit 11, reading of the unique code UC(a) isperformed a plurality of times and then the ECC code is generated on thebasis of the masked unique code UC(a)′.

As described above, the common key generation unit 13 has the functionof generating the common key CK(a) and also has the function ofcorrecting the unique code UC(a) using the correction data CD(a). Asecret key generation unit 23 shown in FIG. 1, a secret key generationunit 33 shown in FIG. 5, a secret key generation unit 53 and a publickey generation unit shown in FIG. 7, common key generation units 73 and83 shown in FIG. 9, common key generation units 113 and 123 shown inFIG. 12, and common key generation units 143 and 153 shown in FIG. 15also function as a unique code correction unit that corrects the uniquecode UC using the correction data CD. Note that, although the keygeneration unit is referred to as a common key generation unit, a secretkey generation unit or a public key generation unit according to the keyto be generated in this specification for the sake of convenience, theconfiguration and operation of those units are basically the same.

The common key CK(a) is a single-use (one-time) key or a fixed keyaccording to usage. For example, when the common key CK(a) is a fixedkey for storing encrypted data in the nonvolatile memory, the correctiondata CD(a) is determined so as to obtain a bit pattern as the common keyCK(a) from a bit pattern obtained as the unique code UC(a) of thesemiconductor device 10, and therefore a plurality of correction dataCD(a) can be easily generated. On the other hand, when the common keyCK(a) is a single-use key to be used for each communication sessionbetween ICa and ICb, the correction data CD(a) is determined so as toobtain different bit patterns for a plurality of different correctiondata CD(a).

The encryption unit 14 in FIG. 1 encrypts the common key CK(a) generatedin the common key generation unit 13 by using a public key PK(b) of thesemiconductor device 20. The public key PK(b) to be used for encryptionmay be transmitted from the semiconductor device 20 to the semiconductordevice 10 in advance and stored in the storage unit 12. Alternatively,the public key PK(b) to be used for encryption may be directly suppliedfrom the semiconductor device 20 to the encryption unit 14 at the timewhen the encryption unit 14 encrypts the common key CK(a).

The semiconductor device 20 includes a unique code generation unit 21, astorage unit 22, a secret key generation unit 23, and a decryption unit24. The unique code generation unit 21 generates a unique code (secondunique code) UC(b) having a value unique to the semiconductor device 20and containing a random error and outputs it to the secret keygeneration unit 23. The configuration and operation of the unique codegeneration unit 21 are basically the same as the unique code generationunit 11 described above.

The storage unit 22 can store correction data (second correction data)CD(b), a public key PK(b), and a common key CK(a) decrypted by thedecryption unit. The storage unit 22 includes a volatile memory and anonvolatile memory, for example, and the correction data CD(b) and thepublic key PK(b) are stored in the nonvolatile memory, and the commonkey CK(a) is stored in the volatile memory. Thus, although the storageunit 22 temporarily stores the common key CK(a), information of thecommon key CK(a) is erased when the semiconductor device 20 is poweredoff. Note that the common key CK(a) may be stored in the nonvolatilememory according to need after taking security measures such asencryption, and measures such as erasing data by writing at power-off ofthe semiconductor device 20 may be done on the common key CK(a) storedin the nonvolatile memory.

The secret key generation unit 23 generates a secret key SK(b) of thesemiconductor device 20 using the unique code UC(b) and the correctiondata CD(b). Note that a method of generating the secret key SK(b) in thesecret key generation unit 23 is basically the same as the method ofgenerating the common key CK(a) in the common key generation unit 13described above.

The decryption unit 24 decrypts the common key CK(a)′ encrypted in theencryption unit 14 of the semiconductor device 10 by using the secretkey SK(b) and thereby generates the common key CK(a).

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 2. First, the semiconductor device ICb (20) transmits the publickey PK(b) of the semiconductor device ICb (20) to the semiconductordevice ICa (10) (Step S1). The transmitted public key PK(b) is storedinto the storage unit 12 of the semiconductor device 10. Next, thecommon key generation unit 13 of the semiconductor device 10 generatesthe common key CK(a) using the unique code UC(a) output from the uniquecode generation unit 11 and the correction data CD(a) stored in thestorage unit 12 (Step S2). The encryption unit 14 encrypts the commonkey CK(a) generated in the common key generation unit 13 by using thepublic key PK(b) of the semiconductor device 20 and thereby generatesthe encrypted common key CK(a)′ (Step S3). Then, the encrypted commonkey CK(a)′ is transmitted from the semiconductor device 10 to thesemiconductor device 20 (Step S4).

The secret key generation unit 23 of the semiconductor device 20generates the secret key SK(b) of the semiconductor device 20 using theunique code UC(b) and the correction data CD(b) (Step S5). Thedecryption unit 24 decrypts the encrypted common key CK(a)′ by using thesecret key SK(b) and thereby generates the common key CK(a) (Step S6).By the above process, both of the semiconductor device 10 and thesemiconductor device 20 can have the common key CK(a). Thus, thesemiconductor device 10 and the semiconductor device 20 can performcryptographic communication using the common key CK(a) (Step S7). Notethat the sequence of the above steps can be changed as appropriate aslong as it is consistent. For example, Step S5 may be performed in thesemiconductor device in parallel with Steps S2 and S3 performed in thesemiconductor device 10.

As described earlier, in the case of performing cryptographiccommunication using the common key CK(x) between the semiconductordevice ICx and the semiconductor device ICy, the common key CK(x) needsto be shared between ICx and ICy. When ICx has the common key CK(x), ICxencrypts the common key CK(x) using the public key PK(y) of ICy acquiredin advance and transmits the encrypted common key CK(x)′ to ICy. Then,ICy decrypts the encrypted common key CK(x)′ using the secret key SK(y)of ICy and thereby acquires the common key CK(x). In this manner, bytransmitting the common key CK(x) from ICx to ICy using the public keycryptosystem, it is possible to share the common key CK(x) between ICxand ICy without a third party knowing. Thus, cryptographic communicationcan be performed between ICx and ICy using the common key cryptosystem.

At the time of transmitting the common key CK(x) from ICx to ICy,information of the common key CK(x) is not leaked because the common keyCK(x) is encrypted. However, because important data such as the commonkey CK(x) and the secret key SK(y) are stored in the nonvolatile memory(storage unit) of the semiconductor devices (semiconductor chips) ICxand ICy. Therefore, if unauthorized analysis of the semiconductor deviceis made, leakage of the important data such as the common key CK(x) andthe secret key SK(y) occurs.

On the other hand, in the cryptographic communication system accordingto this embodiment, the common key CK(a) is generated in the common keygeneration unit 13 of the semiconductor device 10 by using the uniquecode UC(a) containing an information component unique to thesemiconductor device 10 and a variable information component, and thecorrection data CD(a) that corrects the unique code UC(a). Further, thesecret key SK(b) of the semiconductor device 20 is generated in thesecret key generation unit 23 of the semiconductor device 20 by usingthe unique code UC(b) containing an information component unique to thesemiconductor device 20 and a variable information component, and thecorrection data CD(b) that corrects the unique code UC(b). Becauseimportant data such as the common key CK(a) and the secret key SK(b) arenot directly stored in the storage units 12 and 22, leakage of theimportant data such as the common key CK(a) and the secret key SK(b)does not occur even if unauthorized analysis of the semiconductor deviceis made.

Further, although the secret key SK(b) needs to be a key correspondingto the public key PK(b), it is easy to generate a plurality ofcorrection data CD(b) because the correction data CD(b) can bedetermined so as to obtain a bit pattern as the secret key SK(b) from abit pattern obtained as the unique code UC(b) of the semiconductordevice 20.

Methods of analyzing a semiconductor device for unauthorized acquisitionof data are as follows.

(1) A method that makes modification to the semiconductor device usingFIB (Focused Ion Beam) and physically analyzes the semiconductor deviceusing a probe.

(2) Fault tree analysis that makes a CPU run away by applying anelectromagnetic wave such as a laser beam to the semiconductor device orinserting noise to a power supply terminal and thereby acquires data inan unauthorized manner.

(3) Leakage analysis that observes the current consumption of thesemiconductor device and analyzes key data.

In order to avoid the unauthorized analysis, in the field where a highsecurity level is required, a microcomputer with a high security level(which is referred to hereinafter as a secure microcomputer) is used.The secure microcomputer has a shield to protect a wiring area, afunction of detecting light or signal noise, a function of disruptingthe current by combining a random number signal with a signal and thelike. In the unauthorized analysis of key data by the leakage analysisdescribed above, a characteristic pattern of power consumption arisingfrom execution of a certain operation based on specific data isextracted. The characteristic pattern of power consumption can bedisrupted by making random selection from a plurality of correction dataCD(a) or CD(b) using a random number or the like.

In this manner, it is possible to prevent a third party's unauthorizedanalysis of the semiconductor device by using the secure microcomputer.However, in the case of using the secure microcomputer, although theunauthorized analysis can be prevented, semiconductor devicemanufacturers cannot carry out failure analysis and breakdown analysisbecause of its high tamper resistance. Particularly, in avehicle-mounted microcomputer (ECU etc.) for automobile use, failureanalysis and breakdown analysis of a semiconductor device are necessarybecause high reliability is required. For this reason, a general-purposemicrocomputer having a lower security level than the securemicrocomputer has been widely used as the vehicle-mounted microcomputer.Thus, a cryptographic communication system that increases the securitylevel of a semiconductor device with use of a general-purposemicrocomputer has been required for the vehicle-mounted microcomputer.

In the cryptographic communication system according to this embodiment,because important data such as the common key CK(a) and the secret keySK(b) are not directly stored in the storage units 12 and 22, leakage ofthe important data such as the common key CK(a) and the secret key SK(b)does not occur even if unauthorized analysis of the semiconductor deviceis made. Therefore, even when the semiconductor device 10 and thesemiconductor device 20 are configured using a general-purposemicrocomputer with a relatively low security level, a high securitylevel can be achieved.

Note that the correction data CD(a) and CD(b) that are used to generatethe common key CK(a) and the secret key SK(b) are information with arelatively high security level, though the security level is lower thanthat of the common key CK(a) and the secret key SK(b). Thus, thesecurity microcomputer may be used for the semiconductor devices 10 and20 in which the correction data CD(a) and CD(b) are stored in order toprevent leakage of the correction data CD(a) and CD(b) to a third party.

As described above, according to the embodiment of the presentinvention, it is possible to provide the cryptographic communicationsystem and the cryptographic communication method that enhance security.

Second Embodiment

A second embodiment of the present invention is described hereinafter.FIG. 5 is a block diagram showing a cryptographic communication system 2according to this embodiment. In this embodiment, the cryptographiccommunication system is applied to a digital signature system. Thecryptographic communication system 2 according to this embodimentincludes a semiconductor device ICa (30) and a semiconductor device ICb(40). The semiconductor device 30 includes a unique code generation unit31, a storage unit 32, a secret key generation unit 33, and a signaturedata generation unit 34.

The unique code generation unit 31 generates a unique code UC(a) that isunique to the semiconductor device 30 and outputs it to the secret keygeneration unit 33. The basic configuration and operation of the uniquecode generation unit 31 are the same as those of the unique codegeneration unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 32 can store correction data CD(a), plain textPlane(a), and a public key PK(a) of the semiconductor device 30 in anonvolatile memory.

The secret key generation unit 33 generates a secret key SK(a) of thesemiconductor device 30 using the unique code UC(a) output from theunique code generation unit 31 and the correction data CD(a) stored inthe storage unit 32. Note that the secret key generation unit 33functions as a unique code correction unit. The basic configuration andoperation of the secret key generation unit 33 are the same as those ofthe common key generation unit 13 described in the first embodiment andredundant explanation thereof is omitted.

The signature data generation unit 34 generates signature data Sig(a)using the secret key SK(a) generated in the secret key generation unit33 and the plain text Plane(a) stored in the storage unit 32. In otherwords, the signature data generation unit 34 executes a signaturegeneration algorithm in the digital signature scheme.

The semiconductor device 40 includes a storage unit 41 and averification unit 42. The storage unit 41 can store the public key PK(a)of the semiconductor device 30. The verification unit 42 executes averification algorithm in the digital signature scheme. Specifically,the verification unit 42 generates verification data using the signaturedata Sig(a) and the public key PK(a) of the semiconductor device 30. Thesignature data Sig(a) is data generated by encrypting the plain textPlane(a) using the secret key SK(a) of the semiconductor device 30.Thus, the verification data obtained by decrypting the signature dataSig(a) using the public key PK(a) of the semiconductor device 30 is datacorresponding to the plain text Plane(a) transmitted from thesemiconductor device 30. Therefore, the verification unit 42 comparesthe verification data with the plain text Plane(a) and, when theverification data and the plain text Plane(a) match, it can bedetermined that the semiconductor device 30 has the secret key SK(a).Note that the public key PK(a) supplied from the semiconductor device 30may be directly supplied to the verification unit 42 of thesemiconductor device 40.

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 6. First, the semiconductor device 30 (which corresponds to asigner) transmits the public key PK(a) of the semiconductor device 30 tothe semiconductor device 40 (which corresponds to a verifier) (StepS21).

Then, the secret key generation unit 33 of the semiconductor device 30generates the secret key SK(a) of the semiconductor device 30 using theunique code UC(a) output from the unique code generation unit 31 and thecorrection data CD(a) stored in the storage unit 32 (Step S22). Afterthat, the signature data generation unit 34 of the semiconductor device30 executes a signature generation algorithm in the digital signaturescheme. Specifically, the signature data generation unit 34 generatesthe signature data Sig(a) using the secret key SK(a) generated in thesecret key generation unit 33 and the plain text Plane(a) stored in thestorage unit 32 (Step S23).

The signature data Sig(a) generated in the signature data generationunit 34 is transmitted to the verification unit 42 of the semiconductordevice 40 (Step S24). Further, the plain text Plane(a) is transmitted tothe verification unit 42 of the semiconductor device 40 (Step S25). Notethat, although the case where the plain text Plane(a) is stored in thestorage unit 32 is shown in FIG. 5, the plain text Plane(a) may bedirectly supplied from outside to the signature data generation unit 34and the verification unit 42.

The verification unit 42 of the semiconductor device 40 executes averification algorithm in the digital signature scheme. Specifically,the verification unit 42 generates verification data using the signaturedata Sig(a) and the public key PK(a) of the semiconductor device 30, andcompares the verification data with the plain text Plane (a) (Step S26).When the verification data and the plain text Plane(a) match (when theverification algorithm accepts the signature data Sig(a)), theverification unit 42 determines that the signature data Sig(a) createdby the semiconductor device 30 is valid. In other words, it isdetermined that the semiconductor device 30 has the secret key SK(a). Onthe other hand, when the verification data and the plain text Plane(a)do not match (when the verification algorithm rejects the signature dataSig(a)), the verification unit 42 determines that the signature dataSig(a) created by the semiconductor device 30 is invalid. In otherwords, it is determined that the semiconductor device 30 does not havethe secret key SK(a). Note that the sequence of the above steps can bechanged as appropriate as long as it is consistent.

Generally, in the case of performing verification using the digitalsignature scheme between the semiconductor device ICx (which correspondsto a signer) and the semiconductor device ICy (which corresponds to averifier), ICx needs to have a secret key SK(x). The secret key SK(x) isstored in a nonvolatile memory (storage unit) of the semiconductordevice ICx. Therefore, if unauthorized analysis of the semiconductordevice is made, leakage of important data such as the secret key SK(x)occurs.

On the other hand, in the cryptographic communication system accordingto this embodiment, the secret key SK(a) of the semiconductor device 30is generated in the secret key generation unit 33 of the semiconductordevice 30 by using the unique code UC(a) unique to the semiconductordevice 30 and the correction data CD(a) stored in the storage unit 32.Because the secret key SK(a), which is important data, is not directlystored in the storage unit 32, leakage of the secret key SK(a) does notoccur even if unauthorized analysis of the semiconductor device is made.Therefore, even when the semiconductor device 30 and the semiconductordevice 40 are configured using a general-purpose microcomputer with arelatively low security level, a high security level can be achieved.Note that the secure microcomputer may be used for the semiconductordevices 30 and 40 in order to further enhance the security level of thecryptographic communication system composed of the semiconductor device30 and the semiconductor device 40.

As described above, according to the embodiment of the presentinvention, it is possible to provide the cryptographic communicationsystem and the cryptographic communication method that enhance security.

Third Embodiment

A third embodiment of the present invention is described hereinafter.FIG. 7 is a block diagram showing a cryptographic communication system 3according to this embodiment. In this embodiment, the cryptographiccommunication system is applied to a digital signature system. Althoughthe cryptographic communication system 2 according to the secondembodiment transmits the public key PK(a) of the semiconductor device 30to the semiconductor device 40 in Step S21, in the cryptographiccommunication system 3 according to this embodiment, a public key PK(a)of a semiconductor device 50 is generated using a public key generationunit 63.

The cryptographic communication system 3 according to this embodimentshown in FIG. 7 includes a semiconductor device ICa (50) and asemiconductor device ICb (60). The semiconductor device 50 includes aunique code generation unit 51, a storage unit 52, a secret keygeneration unit 53, and a signature data generation unit 54.

The unique code generation unit 51 generates a unique code UC(a) that isunique to the semiconductor device 50 and outputs it to the secret keygeneration unit 53. The basic configuration and operation of the uniquecode generation unit 51 are the same as those of the unique codegeneration unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 52 can store correction data CD(a) and plain textPlane(a) in a nonvolatile memory.

The secret key generation unit 53 generates a secret key SK(a) of thesemiconductor device 50 using the unique code UC(a) output from theunique code generation unit 51 and the correction data CD(a) stored inthe storage unit 52. Note that the secret key generation unit 53functions as a unique code correction unit. The basic configuration andoperation of the secret key generation unit 53 are the same as those ofthe common key generation unit 13 described in the first embodiment andredundant explanation thereof is omitted.

The signature data generation unit 54 generates signature data Sig(a)using the secret key SK(a) generated in the secret key generation unit53 and the plain text Plane(a) stored in the storage unit 52. In otherwords, the signature data generation unit 54 executes a signaturegeneration algorithm in the digital signature scheme.

The semiconductor device 60 includes a unique code generation unit 61, astorage unit 62, a public key generation unit 63, and a verificationunit 64. The unique code generation unit 61 generates a unique codeUC(b) that is unique to the semiconductor device 60 and outputs it tothe public key generation unit 63. The basic configuration and operationof the unique code generation unit 61 are the same as those of theunique code generation unit 11 described in the first embodiment andredundant explanation thereof is omitted.

The storage unit 62 can store correction data CD(b) in a nonvolatilememory.

The public key generation unit 63 generates a public key PK(a) of thesemiconductor device 50 using the unique code UC(b) output from theunique code generation unit 61 and the correction data CD(b) stored inthe storage unit 62. Note that the public key generation unit 63functions as a unique code correction unit. The basic configuration andoperation of the public key generation unit 63 are the same as those ofthe common key generation unit 13 described in the first embodiment andredundant explanation thereof is omitted.

The verification unit 64 executes a verification algorithm in thedigital signature scheme. Specifically, the verification unit 64generates verification data using the signature data Sig(a) and thepublic key PK(a) of the semiconductor device 50. The signature dataSig(a) is data generated by encrypting the plain text Plane(a) using thesecret key SK(a) of the semiconductor device 50. Thus, the verificationdata obtained by decrypting the signature data Sig(a) using the publickey PK(a) of the semiconductor device is data corresponding to the plaintext Plane(a) transmitted from the semiconductor device 50. Therefore,the verification unit 64 compares the verification data with the plaintext Plane(a) and, when the verification data and the plain textPlane(a) match, it can be determined that the semiconductor device 50has the secret key SK(a).

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 8. First, the secret key generation unit 53 of the semiconductordevice 50 (which corresponds to a signer) generates the secret key SK(a)of the semiconductor device 50 using the unique code UC(a) output fromthe unique code generation unit 51 and the correction data CD(a) storedin the storage unit 52 (Step S31). Then, the signature data generationunit 54 of the semiconductor device executes a signature generationalgorithm in the digital signature scheme. Specifically, the signaturedata generation unit 54 generates the signature data Sig(a) using thesecret key SK(a) generated in the secret key generation unit 53 and theplain text Plane(a) stored in the storage unit 52 (Step S32).

On the other hand, the public key generation unit 63 of thesemiconductor device 60 (which corresponds to a verifier) generates thepublic key PK(a) of the semiconductor device 50 using the unique codeUC(b) output from the unique code generation unit 61 and the correctiondata CD(b) stored in the storage unit 62 (Step S33).

The signature data Sig(a) generated in the signature data generationunit 54 is transmitted to the verification unit 64 of the semiconductordevice 60 (Step S34). Further, the plain text Plane(a) is transmitted tothe verification unit 64 of the semiconductor device 60 (Step S35). Notethat, although the case where the plain text Plane(a) is stored in thestorage unit 52 is shown in FIG. 7, the plain text Plane(a) may bedirectly supplied from outside to the signature data generation unit 54and the verification unit 64.

The verification unit 64 of the semiconductor device 60 executes averification algorithm in the digital signature scheme. Specifically,the verification unit 64 generates verification data using the signaturedata Sig(a) and the public key PK(a) of the semiconductor device 50, andcompares the verification data with the plain text Plane(a) (Step S36).When the verification data and the plain text Plane(a) match (when theverification algorithm accepts the signature data Sig(a)), theverification unit 64 determines that the signature data Sig(a) createdby the semiconductor device 50 is valid. In other words, it isdetermined that the semiconductor device 50 has the secret key SK(a). Onthe other hand, when the verification data and the plain text Plane(a)do not match (when the verification algorithm rejects the signature dataSig(a)), the verification unit 64 determines that the signature dataSig(a) created by the semiconductor device 50 is invalid. In otherwords, it is determined that the semiconductor device 50 does not havethe secret key SK(a). Note that the sequence of the above steps can bechanged as appropriate as long as it is consistent.

In the cryptographic communication system according to this embodiment,the secret key SK(a) of the semiconductor device 50 is generated in thesecret key generation unit 53 of the semiconductor device 50 by usingthe unique code UC(a) unique to the semiconductor device 50 and thecorrection data CD(a). Because the secret key SK(a), which is importantdata, is not directly stored in the storage unit 52, leakage of thesecret key SK(a) being important data does not occur even ifunauthorized analysis of the semiconductor device is made. Therefore,even when the semiconductor device 50 and the semiconductor device 60are configured using a general-purpose microcomputer with a relativelylow security level, a high security level can be achieved.

Further, in the cryptographic communication system according to thisembodiment, the public key PK(a) of the semiconductor device 50 isgenerated in the public key generation unit 63 of the semiconductordevice 60 by using the unique code UC(b) and the correction data CD(b).Because there is no need to transmit the public key PK(a) from thesemiconductor device 50 to the semiconductor device 60, it is possibleto prevent leakage of the cryptographic method in use to a third party,which further enhances the security of the cryptographic communicationsystem. Note that the secure microcomputer may be used for thesemiconductor devices 50 and in order to further enhance the securitylevel of the cryptographic communication system composed of thesemiconductor device 50 and the semiconductor device 60.

Fourth Embodiment

A fourth embodiment of the present invention is described hereinafter.In the first to third embodiments described above, the correction dataCD(a) and CD(b) that are used for generating the common key and thesecret key are stored in the semiconductor device. However, thecorrection data CD(a) and CD(b) that are used for generating the commonkey and the secret key are also information with a high security level.It is thus preferred to construct a cryptographic communication systemin which the correction data CD(a) and CD(b) are not leaked to a thirdparty.

In a cryptographic communication system 4 according to this embodimentshown in FIG. 9, the correction data to be used for generating thecommon key is not stored in semiconductor devices 70 and 80, and asemiconductor device 90 including a database 91 that collectivelymanages the correction data is placed. Because the correction data witha high security level is stored in the database 91 of the semiconductordevice 90, it is preferred to configure the semiconductor device 90using the secure microcomputer. On the other hand, information of acommon key CK(1) with a high security level is not stored in anonvolatile memory in the semiconductor devices 70 and 80, thesemiconductor devices 70 and 80 can be configured using general-purposemicrocomputers. Specifically, although the common key CK(1) istemporarily stored in storage units 72 and 82, because the common keyCK(1) is stored in a volatile memory, information of the common keyCK(1) is erased when the semiconductor devices 70 and 80 are poweredoff. Accordingly, the common key CK(1) with a high security level is notstored in the semiconductor devices 70 and 80. The cryptographiccommunication system according to this embodiment is described in detailhereinbelow.

The cryptographic communication system 4 shown in FIG. 9 includessemiconductor devices 70, 80 and 90. The semiconductor device (firstsemiconductor device) 70 includes a unique code generation unit 71, astorage unit 72, and a common key generation unit (first common keygeneration unit) 73.

The unique code generation unit 71 generates a unique code UC(a) that isunique to the semiconductor device 70 and outputs it to the common keygeneration unit 73. The basic configuration and operation of the uniquecode generation unit 71 are the same as those of the unique codegeneration unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 72 stores the common key CK(1) generated in the commonkey generation unit 73 in a volatile memory. The common key CK(1) iserased when the semiconductor device 70 is powered off. Note that thecommon key CK(1) may be stored in a nonvolatile memory according to needafter taking security measures such as encryption, and measures such aserasing data by writing at power-off of the semiconductor device 70 maybe done on the common key CK(1) stored in the nonvolatile memory.

The common key generation unit 73 generates the common key CK(1) usingthe unique code UC(a) output from the unique code generation unit 71 andcorrection data (first correction data) CD(1,a) supplied from thesemiconductor device 90. The common key generation unit 73 functions asa unique code correction unit. The basic configuration and operation ofthe common key generation unit 73 are the same as those of the commonkey generation unit 13 described in the first embodiment and redundantexplanation thereof is omitted.

The semiconductor device (second semiconductor device) 80 includes aunique code generation unit 81, a storage unit 82, and a common keygeneration unit (second common key generation unit) 83.

The unique code generation unit 81 generates a unique code UC(b) that isunique to the semiconductor device 80 and outputs it to the common keygeneration unit 83. The basic configuration and operation of the uniquecode generation unit 81 are the same as those of the unique codegeneration unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 82 stores the common key CK(1) generated in the commonkey generation unit 83 in a volatile memory. The common key CK(1) iserased when the semiconductor device 80 is powered off. Note that thecommon key CK(1) may be stored in a nonvolatile memory according to needafter taking security measures such as encryption, and measures such aserasing data by writing at power-off of the semiconductor device 80 maybe done on the common key CK(1) stored in the nonvolatile memory.

The common key generation unit 83 generates the common key CK(1) usingthe unique code UC(b) output from the unique code generation unit 81 andcorrection data (second correction data) CD(1,b) supplied from thesemiconductor device 90. The common key generation unit 83 functions asa unique code correction unit. The basic configuration and operation ofthe common key generation unit 83 are the same as those of the commonkey generation unit 13 described in the first embodiment and redundantexplanation thereof is omitted.

The semiconductor device (third semiconductor device) 90 includes thedatabase 91 that stores the correction data. FIG. 10 is a table showingan example of data stored in the database 91. As shown in FIG. 10,correction data CD(1,a), CD(1,b), . . . ) associated with information ofthe semiconductor devices (ICa, ICb, ICc, . . . , ICz) and public keysgenerated in the semiconductor devices (CK(1), CK(2), CK(3), . . . ,CK(n)) are stored in the database 91.

For example, in the case of generating the common key CK(1) in thesemiconductor device ICa, the correction data CD(1,a) is transmitted tothe semiconductor device ICa. Further, in the case of generating thecommon key CK(1) in the semiconductor device ICb, the correction dataCD(1,b) is transmitted to the semiconductor device ICb. Likewise, in thecase of generating the common key CK(3) in the semiconductor device ICa,for example, the correction data CD(3,a) is transmitted to thesemiconductor device ICa. Further, in the case of generating the commonkey CK(3) in the semiconductor device ICb, for example, the correctiondata CD(3,b) is transmitted to the semiconductor device ICb.

In the cryptographic communication system according to this embodiment,even when the unique codes UC(a) and UC(b) are different, the samecommon key CK(1) can be generated by performing different operations onthe error-corrected unique codes UC(a)″ and UC(b)″ using the operationparameter (see the first embodiment).

Further, the common key CK can be changed by changing the operationparameter of the correction data CD. Thus, a plurality of common keyscan be generated like the common keys CK(1), CK(2), CK(3), . . . , CK(n)shown in FIG. 10 by changing the operation parameter of the correctiondata CD. Thus, in the cryptographic communication system according tothis embodiment, by changing the correction data CD that is transmittedfrom the semiconductor device 90 to the semiconductor devices 70 and 80at regular intervals, the common key CK of the semiconductor devices 70and 80 can be changed easily, so that the security level can be easilyenhanced.

Note that because the correction data CD that is transmitted from thesemiconductor device 90 to the semiconductor devices 70 and 80 isinformation with a high security level, when transmitting the correctiondata CD to the semiconductor devices 70 and 80, the correction data CDmay be encrypted before transmission using the public key cryptosystem.In this case, the semiconductor device 70 has the secret key of thesemiconductor device 70, for example, and the semiconductor device 90encrypts the correction data CD(1,a) using the public key of thesemiconductor device 70 when transmitting the correction data CD(1,a).Then, the semiconductor device 70 decrypts the encrypted correction dataCD(1,a) using the secret key, so that the encrypted correction data canbe transmitted from the semiconductor device 90 to the semiconductordevice 70.

An operation of the cryptographic communication system 4 according tothis embodiment is described hereinafter with reference to the flowchartof FIG. 11. First, the semiconductor device ICs (90) transmits thecorrection data CD(1,a) to the semiconductor device ICa (70) (Step S41).Next, the common key generation unit 73 of the semiconductor device 70generates the common key CK(1) using the unique code UC(a) output fromthe unique code generation unit 71 and the correction data CD(1,a)transmitted from the semiconductor device 90 (Step S42).

Further, the semiconductor device ICs (90) transmits the correction dataCD(1,b) to the semiconductor device ICb (80) (Step S43). Next, thecommon key generation unit 83 of the semiconductor device 80 generatesthe common key CK(1) using the unique code UC(b) output from the uniquecode generation unit 81 and the correction data CD(1,b) transmitted fromthe semiconductor device 90 (Step S44). In this process, both of thesemiconductor device 70 and the semiconductor device 80 can have thecommon key CK(1). Thus, the semiconductor device 70 and thesemiconductor device 80 can perform cryptographic communication usingthe common key CK(1) (Step S45). Note that the sequence of the abovesteps can be changed as appropriate as long as it is consistent.

Note that, when transmitting the correction data CD from thesemiconductor device 90 to the semiconductor device 70 or 80, thecorrection data CD may be transmitted from the semiconductor device 90to the semiconductor device 70 or 80 at regular intervals.Alternatively, the correction data CD may be transmitted from thesemiconductor device 90 to the semiconductor device 70 or 80 at thetiming when a request for transmission of the correction data CD is madefrom the semiconductor device 70 or 80.

The semiconductor device 90 and the semiconductor devices 70 and 80 maybe connected to each other via wired or wireless. Further, thesemiconductor device 90 and the semiconductor devices 70 and 80 may beconfigured to be connected to each other only at the time oftransmitting and receiving the correction data CD. Furthermore, thesemiconductor device 90 may transmit the correction data CD to thesemiconductor devices 70 and 80 through the Internet. In this case, itis preferred to encrypt the correction data CD using the above methodfor the sake of security.

Further, the system may be configured in such a way that a plurality ofsets of semiconductor devices communicate with each other usingdifferent common keys CK. For example, the semiconductor devices ICd,ICe and ICf may be configured to communicate with one another using thecommon key CK(2), and the semiconductor devices ICg, ICh and ICi may beconfigured to communicate with one another using the common key CK(3).In this case, the correction data CD(2,d), CD(2,e) and CD(2,f) forgenerating the common key CK(2) are transmitted from the semiconductordevice 90 to the semiconductor devices ICd, ICe and ICf, respectively.Further, the correction data CD(3,g), CD(3,h) and CD(3,i) for generatingthe common key CK(3) are transmitted from the semiconductor device 90 tothe semiconductor devices ICg, ICh and ICi, respectively.

In this manner, in the cryptographic communication system according tothis embodiment, the semiconductor device 90 that collectively managesthe correction data CD is included. Thus, there is no need to store thecorrection data CD that is used for generating the common key CK in thesemiconductor devices 70 and 80, which enhances the security of thecryptographic communication system. Because the correction data with ahigh security level is stored in the database 91 of the semiconductordevice 90, it is preferred to configure the semiconductor device 90using the secure microcomputer. On the other hand, information of thecommon key CK with a high security level is not stored in a nonvolatilememory in the semiconductor devices 70 and 80, the semiconductor devices70 and 80 can be configured using general-purpose microcomputers.However, secure microcomputers may be used for the semiconductor devices70 and 80 in order to further enhance the security level of thecryptographic communication system.

Further, in the cryptographic communication system according to thisembodiment, because the correction data CD is collectively managed usingthe database 91, the common key CK of each semiconductor device can bechanged easily. It is thus possible to easily change the common key CKof the semiconductor devices 70 and 80 at regular intervals, whichfurther enhances the security of the cryptographic communication system.

Fifth Embodiment

A fifth embodiment of the present invention is described hereinafter.FIG. 12 is a block diagram showing a cryptographic communication systemaccording to this embodiment. Although the correction data iscollectively managed in the database 91 in the cryptographiccommunication system described in the fourth embodiment, correction datato be transmitted to a semiconductor device ICa (110) and asemiconductor device ICb (120) is generated using a correction datageneration unit 132 included in a semiconductor device 130. The otherconfiguration is basically the same as that of the cryptographiccommunication system according to the fourth embodiment. This isdescribed in detail hereinbelow.

A cryptographic communication system 5 shown in FIG. 12 includessemiconductor devices 110, 120 and 130. The semiconductor device 110includes a unique code generation unit 111, a storage unit 112 and acommon key generation unit 113.

The unique code generation unit 111 generates a unique code UC(a) thatis unique to the semiconductor device 110 and outputs it to the commonkey generation unit 113 and the correction data generation unit 132 ofthe semiconductor device 130. The basic configuration and operation ofthe unique code generation unit 111 are the same as those of the uniquecode generation unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 112 stores a common key CK(1) generated in the commonkey generation unit 113 in a volatile memory. The common key CK(1) iserased when the semiconductor device 110 is powered off. Note that thecommon key CK(1) may be stored in a nonvolatile memory according to needafter taking security measures such as encryption, and measures such aserasing data by writing at power-off of the semiconductor device 110 maybe done on the common key CK(1) stored in the nonvolatile memory.

The common key generation unit 113 generates the common key CK(1) usingthe unique code UC(a) output from the unique code generation unit 111and correction data CD(1,a) supplied from the semiconductor device 130.The common key generation unit 113 functions as a unique code correctionunit. The basic configuration and operation of the common key generationunit 113 are the same as those of the common key generation unit 13described in the first embodiment and redundant explanation thereof isomitted.

The semiconductor device 120 includes a unique code generation unit 121,a storage unit 122 and a common key generation unit 123.

The unique code generation unit 121 generates a unique code UC(b) thatis unique to the semiconductor device 120 and outputs it to the commonkey generation unit 123 and the correction data generation unit 132 ofthe semiconductor device 130. The basic configuration and operation ofthe unique code generation unit 121 are the same as those of the uniquecode generation unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 122 stores a common key CK(1) generated in the commonkey generation unit 123 in a volatile memory. The common key CK(1) iserased when the semiconductor device 120 is powered off. Note that thecommon key CK(1) may be stored in a nonvolatile memory according to needafter taking security measures such as encryption, and measures such aserasing data by writing at power-off of the semiconductor device 120 maybe done on the common key CK(1) stored in the nonvolatile memory.

The common key generation unit 123 generates the common key CK(1) usingthe unique code UC(b) output from the unique code generation unit 121and correction data CD(1,b) supplied from the semiconductor device 130.The common key generation unit 123 functions as a unique code correctionunit. The basic configuration and operation of the common key generationunit 123 are the same as those of the common key generation unit 13described in the first embodiment and redundant explanation thereof isomitted.

The semiconductor device 130 includes a storage unit 131 and acorrection data generation unit 132. The storage unit 131 stores thecommon key CK(1) in a nonvolatile memory. The information of the commonkey CK(1) is not erased even when the semiconductor device 130 ispowered off. Thus, it is preferred to configure the semiconductor device130 using the secure microcomputer in order to prevent leakage of theinformation of the common key CK(1) to a third party by unauthorizedanalysis of the semiconductor device. Note that the semiconductordevices 110 and 120 may be configured using general-purposemicrocomputers as in the case of the fourth embodiment.

The correction data generation unit 132 generates the correction dataCD(1,a) using the unique code UC(a) of the semiconductor device 110 andthe common key CK(1) stored in the storage unit 131. Further, thecorrection data generation unit 132 generates the correction dataCD(1,b) using the unique code UC(b) of the semiconductor device 120 andthe common key CK(1) stored in the storage unit 131.

An operation when the correction data generation unit 132 generates thecorrection data is described hereinafter in detail with reference toFIG. 14. Although the case where the correction data generation unit 132generates the correction data CD(1,a) is described below, the sameapplies to the case where the correction data generation unit 132generates the correction data CD(1,b).

First, the correction data generation unit 132 acquires the unique codeUC(a) a plurality of times from the semiconductor device ICa (110) (StepS61). Next, the correction data generation unit 132 statisticallyprocesses the unique code UC(a) acquired in Step S61, and classifies therespective bits of the unique code UC(a) into (1) bits with a stablevalue, (2) bits with high variability (i.e. bits with a relatively largevariation in value) and (3) bits with low variability (i.e. bits with arelatively small variation in value). Then, the correction datageneration unit 132 generates mask data using the (2) bits with highvariability (Step S62). At this time, information indicating theposition of the bit that varies with higher probability than a specifiedthreshold among the bits of the unique code UC(a) is set as the maskdata. For example, in the mask data shown in FIG. 4, the position of thebit with high variability (i.e. the position to be masked) is indicatedby “0”.

Next, the correction data generation unit 132 masks the unique codeUC(a) using the mask data generated in Step S62 and eliminates the bitwith high variability. It then generates an ECC code for correcting theerror of the masked unique code UC(a)′ (i.e. the unique code containingbits with a stable value and bits with low variability) (Step S63). TheECC code is BCH code or Reed-Solomon code, for example.

Then, the correction data generation unit 132 generates an operationparameter using the unique code UC(a)″ processed using the mask datagenerated in Step S62 and the ECC code generated in Step S63 (which isthe unique code containing bits with a stable value) and the common keyCK(1) stored in the storage unit 131 (Step S64). The operation parameteris a parameter required to generate the common key CK(1) from thecorrected unique code UC(a)″.

Finally, the correction data generation unit 132 transmits the maskdata, the ECC code and the operation parameter generated by the aboveprocess as the correction data CD(1,a) to the semiconductor device ICa(110) (Step S65).

An operation of the cryptographic communication system 5 according tothis embodiment is described hereinafter with reference to the flowchartof FIG. 13. First, the semiconductor device ICa (110) transmits theunique code UC(a) to the correction data generation unit 132 of thesemiconductor device ICs (130) (Step S51). Next, the correction datageneration unit 132 of the semiconductor device 130 generates thecorrection data CD(1,a) using the transmitted unique code UC(a) and thecommon key CK(1) (Step S52). For the correction data generation unit 132to generate the correction data CD(1,a), it is necessary to acquire theunique code UC(a) a plurality of times. Thus, Step S51 is repeated toacquire the unique code UC(a) a plurality of times. The generatedcorrection data CD(1,a) is transmitted to the semiconductor device 110(Step S53). The common key generation unit 113 of the semiconductordevice 110 generates the common key CK(1) using the unique code UC(a)output from the unique code generation unit 111 and the correction dataCD(1,a) transmitted from the semiconductor device 130 (Step S54).

Further, the semiconductor device ICb (120) transmits the unique codeUC(b) to the correction data generation unit 132 of the semiconductordevice ICs (130) (Step S55). Next, the correction data generation unit132 of the semiconductor device 130 generates the correction dataCD(1,b) using the transmitted unique code UC(b) and the common key CK(1)(Step S56). For the correction data generation unit 132 to generate thecorrection data CD(1,b), it is necessary to acquire the unique codeUC(b) a plurality of times. Thus, Step S55 is repeated to acquire theunique code UC(b) a plurality of times. The generated correction dataCD(1,b) is transmitted to the semiconductor device 120 (Step S57). Thecommon key generation unit 123 of the semiconductor device 120 generatesthe common key CK(1) using the unique code UC(b) output from the uniquecode generation unit 121 and the correction data CD(1,b) transmittedfrom the semiconductor device 130 (Step S58).

By the above process, both of the semiconductor device 110 and thesemiconductor device 120 can have the common key CK(1). Thus, thesemiconductor device 110 and the semiconductor device 120 can performcryptographic communication using the common key CK(1) (Step S59). Notethat the sequence of the above steps can be changed as appropriate aslong as it is consistent. For example, Steps S51 to S54 and Steps S55 toS58 may be performed in parallel.

As described above, in the cryptographic communication system accordingto this embodiment also, the semiconductor device 130 that collectivelymanages the correction data is included. Thus, there is no need to storethe correction data that is used for generating the common key in thesemiconductor devices 110 and 120, which enhances the security of thecryptographic communication system. Because the correction data with ahigh security level is stored in the database 131 of the semiconductordevice 130, it is preferred to configure the semiconductor device 130using the secure microcomputer. On the other hand, information of thecommon key CK with a high security level is not stored in a nonvolatilememory in the semiconductor devices 110 and 120, the semiconductordevices 110 and 120 can be configured using general-purposemicrocomputers. However, secure microcomputers may be used for thesemiconductor devices 110 and 120 in order to further enhance thesecurity level of the cryptographic communication system.

Sixth Embodiment

A sixth embodiment of the present invention is described hereinafter.FIG. 15 is a block diagram showing a cryptographic communication systemaccording to this embodiment. In the cryptographic communication systemaccording to the fifth embodiment, the case where the semiconductordevice ICa (110) and the semiconductor device ICb (120) have the samecommon key CK(1) is described. In the cryptographic communication systemaccording to this embodiment, a semiconductor device ICa (140) and asemiconductor device ICb (150) have different common keys andcommunicate with each other through a semiconductor device ICs (160).The other configuration is basically the same as that of thecryptographic communication system according to the fifth embodiment.This is described in detail hereinbelow.

A cryptographic communication system 6 shown in FIG. 15 includessemiconductor devices 140, 150 and 160. The semiconductor device 140includes a unique code generation unit 141, a storage unit 142 and acommon key generation unit 143.

The unique code generation unit 141 generates a unique code UC(a) thatis unique to the semiconductor device 140 and outputs it to the commonkey generation unit 143 and the correction data generation unit 162 ofthe semiconductor device 160. The basic configuration and operation ofthe unique code generation unit 141 are the same as those of the uniquecode generation unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 142 stores a common key (first common key) CK(1)generated in the common key generation unit 143 in a volatile memory.The common key CK(1) is erased when the semiconductor device 140 ispowered off.

The common key generation unit 143 generates the common key CK(1) usingthe unique code UC(a) output from the unique code generation unit 141and correction data CD(1,a) supplied from the semiconductor device 160.The common key generation unit 143 functions as a unique code correctionunit. The basic configuration and operation of the common key generationunit 143 are the same as those of the common key generation unit 13described in the first embodiment and redundant explanation thereof isomitted.

The semiconductor device 150 includes a unique code generation unit 151,a storage unit 152 and a common key generation unit 153.

The unique code generation unit 151 generates a unique code UC(b) thatis unique to the semiconductor device 150 and outputs it to the commonkey generation unit 153 and the correction data generation unit 162 ofthe semiconductor device 160. The basic configuration and operation ofthe unique code generation unit 151 are the same as those of the uniquecode generation unit 11 described in the first embodiment and redundantexplanation thereof is omitted.

The storage unit 152 stores a common key (second common key) CK(2)generated in the common key generation unit 153 in a volatile memory.The common key CK(2) is erased when the semiconductor device 150 ispowered off.

The common key generation unit 153 generates the common key CK(2) usingthe unique code UC(b) output from the unique code generation unit 151and correction data CD(2,b) supplied from the semiconductor device 160.The common key generation unit 153 functions as a unique code correctionunit. The basic configuration and operation of the common key generationunit 153 are the same as those of the common key generation unit 13described in the first embodiment and redundant explanation thereof isomitted.

The semiconductor device 160 includes a storage unit 161 and acorrection data generation unit 162. The storage unit 161 stores thecommon key CK(1) and the common key CK(2) in a nonvolatile memory. Theinformation of the common key CK(1) and the common key CK(2) are noterased even when the semiconductor device 160 is powered off. Thus, itis preferred to configure the semiconductor device 160 using the securemicrocomputer in order to prevent leakage of the information of thecommon key CK(1) and the common key CK(2) to a third party byunauthorized analysis of the semiconductor device. Note that thesemiconductor devices 140 and 150 may be configured usinggeneral-purpose microcomputers as in the case of the fifth embodiment.

The correction data generation unit 162 generates the correction dataCD(1,a) using the unique code UC(a) of the semiconductor device 140 andthe common key CK(1) stored in the storage unit 161. Further, thecorrection data generation unit 162 generates the correction dataCD(2,b) using the unique code UC(b) of the semiconductor device 150 andthe common key CK(2) stored in the storage unit 161.

An operation of the cryptographic communication system 6 according tothis embodiment is described hereinafter with reference to the flowchartof FIG. 16. First, the semiconductor device ICa (140) transmits theunique code UC(a) to the correction data generation unit 162 of thesemiconductor device ICs (160) (Step S71). Next, the correction datageneration unit 162 of the semiconductor device 160 generates thecorrection data CD(1,a) using the transmitted unique code UC(a) and thecommon key CK(1) (Step S72). For the correction data generation unit 162to generate the correction data CD(1,a), it is necessary to acquire theunique code UC(a) a plurality of times. Thus, Step S71 is repeated toacquire the unique code UC(a) a plurality of times. The generatedcorrection data CD(1,a) is transmitted to the semiconductor device 140(Step S73). The common key generation unit 143 of the semiconductordevice 140 generates the common key CK(1) using the unique code UC(a)output from the unique code generation unit 141 and the correction dataCD(1,a) transmitted from the semiconductor device 160 (Step S74).

Further, the semiconductor device ICb (150) transmits the unique codeUC(b) to the correction data generation unit 162 of the semiconductordevice ICs (160) (Step S75). Next, the correction data generation unit162 of the semiconductor device 160 generates the correction dataCD(2,b) using the transmitted unique code UC(b) and the common key CK(2)(Step S76). For the correction data generation unit 162 to generate thecorrection data CD(2,b), it is necessary to acquire the unique codeUC(b) a plurality of times. Thus, Step S75 is repeated to acquire theunique code UC(b) a plurality of times. The generated correction dataCD(2,b) is transmitted to the semiconductor device 150 (Step S77). Thecommon key generation unit 153 of the semiconductor device 150 generatesthe common key CK(2) using the unique code UC(b) output from the uniquecode generation unit 151 and the correction data CD(2,b) transmittedfrom the semiconductor device 160 (Step S78).

By the above process, both of the semiconductor device 140 and thesemiconductor device 160 can have the common key CK(1). Thus, thesemiconductor device 140 and the semiconductor device 160 can performcryptographic communication using the common key CK(1) (Step S79).Further, both of the semiconductor device 150 and the semiconductordevice 160 can have the common key CK(2). Thus, the semiconductor device150 and the semiconductor device 160 can perform cryptographiccommunication using the common key CK(2) (Step S80). Therefore, thesemiconductor device 140 and the semiconductor device 150 cancommunicate through the semiconductor device 160 (gatewayconfiguration). Note that the sequence of the above steps can be changedas appropriate as long as it is consistent. For example, Steps S71 toS74 and Steps S75 to S78 may be performed in parallel.

As described above, in the cryptographic communication system accordingto this embodiment also, the semiconductor device 160 that collectivelymanages the correction data is included. Thus, there is no need to storethe correction data that is used for generating the common key in thesemiconductor devices 140 and 150, which enhances the security of thecryptographic communication system. Because the correction data with ahigh security level is stored in the database 161 of the semiconductordevice 160, it is preferred to configure the semiconductor device 160using the secure microcomputer. On the other hand, information of thecommon key CK with a high security level is not stored in a nonvolatilememory in the semiconductor devices 140 and 150, the semiconductordevices 140 and 150 can be configured using general-purposemicrocomputers. However, secure microcomputers may be used for thesemiconductor devices 140 and 150 in order to further enhance thesecurity level of the cryptographic communication system.

Seventh Embodiment

A seventh embodiment of the present invention is described hereinafter.FIG. 17 is a block diagram showing a case where the cryptographiccommunication system according to the first to sixth embodiment isapplied to a vehicle-mounted semiconductor device. As shown in FIG. 17,a vehicle 180 includes a gateway unit 170, a fault diagnostic unit 171,an engine control unit 172, a brake control unit 173, a lamp controlunit 174, a door lock control unit 175, a key insertion control unit176, a car navigation system 178, and a DCM (Data Communication Module)179.

The gateway unit 170 is equipment for relaying a network composed of theunits 171 to 176 and the car navigation system 178. A securemicrocomputer ICs is included in the gateway unit 170. The faultdiagnostic unit 171 is a unit for making a diagnosis whether thecomponents of the vehicle 180 are at fault. A semiconductor device ICais included in the fault diagnostic unit 171. The engine control unit172 is a unit for making electrical control (fuel supply, ignitiontiming control etc.) of engine operation in a comprehensive manner. Asemiconductor device ICb is included in the engine control unit 172. Thebrake control unit 173 is a unit for controlling a brake such as ABS(Antilock Brake System). A semiconductor device ICc is included in thebrake control unit 173. The lamp control unit 174 is a unit forcontrolling a headlight, winker and the like of the vehicle. Asemiconductor device ICd is included in the lamp control unit 174.

The door lock control unit 175 is a unit for controlling door lock. Asemiconductor device ICe and a communication unit for radiocommunication with a key 177 are included in the door lock control unit175. The key insertion control unit 176 is a unit for determiningwhether the inserted key 177 is a valid user key or not. A semiconductordevice ICf and a communication unit for radio communication with the key177 are included in the key insertion control unit 176. A semiconductordevice ICg and a communication unit for radio communication with thedoor lock control unit 175 and the key insertion control unit 176 areincluded in the key 177. General-purpose microcomputers, for example,may be used for the semiconductor devices ICa to ICg that are includedin the respective units 171 to 176 and the key 177.

A secure microcomputer ICh is included in the car navigation system 178.The DCM 179 is a communication module for transmitting informationacquired from the units 171 to 176 in the vehicle to an external server181 or acquiring information from the server 181.

The respective units 171 to 176 and the car navigation system 178 areconnected to the gateway unit 170, and the units 171 to 176 areconfigured to be able to communicate with one another through thegateway unit 170. The common key that is used for communication betweenthe respective units 171 to 176 and the gateway unit 170 may differ fromunit to unit. For example, the common key CK(1) may be used forcommunication between the fault diagnostic unit 171 and the gateway unit170, and the common key CK(2) may be used for communication between theengine control unit 172 and the gateway unit 170. Note that, in thiscase, the semiconductor device ICa (140) in the cryptographiccommunication system 6 according to the sixth embodiment shown in FIG.15 corresponds to the fault diagnostic unit 171, the semiconductordevice ICb (150) corresponds to the engine control unit 172, and thesemiconductor device ICs (160) corresponds to the gateway unit 170.

The correction data CD that is used to generate the common key to beused for communication between the respective units 171 to 176 and thegateway unit 170 may be stored in the semiconductor device ICs of thegateway unit 170 or the semiconductor device ICh of the car navigationsystem 178, for example. Further, the correction data CD that is used togenerate the common key may be supplied from the server 181. With thecorrection data CD supplied from the server 181, the common key to beused for communication between the respective units 171 to 176 and thegateway unit 170 can be easily changed. The correction data CD suppliedfrom the server 181 may be stored in the semiconductor device ICs of thegateway unit 170 or the semiconductor device ICh of the car navigationsystem 178, for example.

Further, the car navigation system 178 may transmit the information (forexample, failure information etc.) acquired from the units 171 to 176 tothe server 181 through the DCM 179. At this time, communication betweenthe DCM 179 and the server 181 may be encrypted.

In the example of FIG. 17, the configuration in which the units 171 to176 perform communication through the gateway unit 170 is shown.However, the units 171 to 176 may communicate with one another using thesame common key. In this case, the units 171 to 176 are configured to beconnected to one another through a common bus, for example. The commonkey stored in the respective units 171 to 176 may be generated using themethod described in the first embodiment (FIG. 1), the fourth embodiment(FIG. 9), and the fifth embodiment (FIG. 12), for example.

Eighth Embodiment

FIG. 18 is a block diagram showing a cryptographic communication systemaccording to an eighth embodiment. A cryptographic communication system201 according to this embodiment includes a semiconductor device ICa(first semiconductor device) 210 and a semiconductor device ICz (secondsemiconductor device) 220. The semiconductor device ICa (210)establishes a secure network with another semiconductor device (notshown). In this embodiment, a case where the semiconductor device ICz(220) is added to the secure network including the semiconductor deviceICa (210) is described.

The semiconductor device 210 includes a unique code generation unit 211,a storage unit 212, a common key generation unit (first common keygeneration unit) 213, and a correction data generation unit 214.

The unique code generation unit 211 generates a unique code (firstunique code) UC(a) having a value unique to the semiconductor device 210and containing a random error and outputs it to the common keygeneration unit 213. The unique code UC(a) is a value determined byphysical properties inherent to an element included in the semiconductordevice 210. For example, the unique code generation unit 211 maygenerate the unique code UC(a) using a value at startup of a memoryelement included in the semiconductor device 210. The unique code is acode generated using the property that actually fabricated ICs varydespite that the design of the ICs is the same. This technique is calledPUF (Physical Unclonable Function), and it is a technique that, evenwhen a plurality of ICs having the same circuit are fabricated at a timeon one semiconductor wafer by the same fabrication device, generatesunique codes for the respective ICs and further makes the ICsunclonable. Use of this technique achieves effective concealment of datawithout a need for special hardware such as a tamper-resistant chip.

The storage unit 212 can store correction data (first correction data)CD(a), and a common key (first common key) CK(a) generated in the commonkey generation unit 213. The storage unit 212 includes a volatile memory(for example, SRAM) and a nonvolatile memory (for example, flashmemory), for example, and the correction data CD(a) is stored in thenonvolatile memory, and the common key CK(a) is stored in the volatilememory. Thus, although the storage unit 212 temporarily stores thecommon key CK(a), information of the common key CK(a) is erased when thesemiconductor device 210 is powered off. Note that the common key CK(a)may be stored in the nonvolatile memory according to need after takingsecurity measures such as encryption, and measures such as erasing databy writing at power-off of the semiconductor device 210 may be done onthe common key CK(a) stored in the nonvolatile memory.

The common key generation unit 213 generates the common key CK(a) usingthe unique code UC(a) output from the unique code generation unit 211and the correction data CD(a) stored in the storage unit 212.

The unique code UC(a) generated in the unique code generation unit 211is data containing bit values that vary depending on external factorsduring generation of the unique code, such as temperature and voltage,for example. Therefore, the unique code UC(a) generated in the uniquecode generation unit 211 contains three types of bits: (1) bits with astable value, (2) bits with high variability (i.e. bits with arelatively large variation in value) and (3) bits with low variability(i.e. bits with a relatively small variation in value). In this manner,the unique code UC(a) generated in the unique code generation unit 211contains (2) bits with high variability and (3) bits with lowvariability. Accordingly, the unique code UC(a) has different valueseach time generated.

The bit with high variability can be found in the fabrication process.Thus, by making each bit decision during the fabrication process, maskdata to mask the bit with high variability can be created. By maskingthe unique code UC(a) generated in the unique code generation unit 211using the mask data, the bit with high variability contained in theunique code UC(a) can be eliminated. Because the position of the bitwith high variability differs from device to device, the mask data isdata unique to the semiconductor device.

On the other hand, the bit with low variability varies due to externalfactors, remaining charges and the like, and it is thus difficult tomake estimation. Therefore, for the bit with low variability, an ECCcode such as BCH code or Reed-Solomon code, for example, is generatedduring fabrication, and error correction for eliminating a bit withvariability is performed using the ECC code. An operation of the commonkey generation unit 213 is specifically described hereinafter.

FIG. 20 is a flowchart to explain an operation of the common keygeneration unit 213, and FIG. 21 is a table showing an example of aunique code processed in the common key generation unit 213. First, thecommon key generation unit 213 reads the unique code UC(a) from theunique code generation unit 211 (Step S111). The unique code UC(a) readin this step is a unique code on which error correction for eliminatinga bit with variability is not made.

Next, the common key generation unit 213 masks the read unique codeUC(a) using the mask data contained in the correction data CD(a) (StepS112). The mask data is data for masking a bit with a high error ratehaving a variable bit value among the bits of the unique code UC(a). Inthe example shown in FIG. 21, because the error rate of the first bitand the sixth bit of the unique code UC(a) is high, the mask data is“0”. Because the other bits are bits with a low error rate or bits witha stable value, the mask data is “1”. In other words, the mask data forthe bit that needs to be masked is “0”, and the mask data for the bitthat does not need to be masked is “1”. By masking the unique code UC(a)using the mask data, masked unique code UC(a)′ in which the first bitand the sixth bit of the unique code UC(a) are eliminated can beobtained (the bits eliminated by masking are indicated by “X”). Afterthat, the masked unique code UC(a)′ is left-justified.

Then, using the ECC code (error correction code) contained in thecorrection data CD(a), the common key generation unit 213 corrects theerror of the bit with a low degree of variability contained in themasked unique code UC(a)′, thereby obtaining a unique code UC(a)″ (StepS113). In the example shown in FIG. 21, as a result that the maskedunique code UC(a)′ is processed using the ECC code, the first bit iscorrected from “0” to “1”.

Then, the common key generation unit 213 performs a specified operationon the error-corrected unique code UC(a)″ using an operation parametercontained in the correction data CD(a) (Step S114). In the example shownin FIG. 21, NOT operation is performed on the error-corrected uniquecode UC(a)″. The unique code UC(a) after this operation is the commonkey CK(a). Note that the NOT operation is just one example, and anyoperation may be performed on the error-corrected unique code UC(a)″. Bychanging the operation parameter, it is possible to change the commonkey CK(a) according to need. Further, by performing a specifiedoperation on the error-corrected unique code UC(a)″ using the operationparameter, the common key CK(a) can be generated as a code that is notapparently similar to the unique code UC(a). This further enhances thesecurity level. Furthermore, the operation performed on theerror-corrected unique code UC(a)″ may be skipped. In this case, theunique code UC(a)″ processed using the mask data and the ECC code servesas the common key CK(a). The common key CK(a) generated in this manneris output to the storage unit 212.

As described above, the common key generation unit 213 has the functionof generating the common key CK(a) and also has the function ofcorrecting the unique code UC(a) using the correction data CD(a). Thus,the common key generation unit 213 functions also as a unique codecorrection unit.

Note that the mask code, the ECC code and the operation parametercontained in the correction data CD(a) are generated in advance asunique data of the semiconductor device 210 and stored in the storageunit 212. A method of generating the correction data CD(a) is the sameas that of the case where the correction data generation unit 214generates the correction data CD(z).

The correction data generation unit 214 generates correction data(second correction data) CD(z) using a unique code (second unique code)UC(z) of the semiconductor device 220 and the common key CK(a). Anoperation when the correction data generation unit 214 generates thecorrection data is described hereinafter in detail with reference toFIG. 22.

First, the correction data generation unit 214 acquires the unique codeUC(z) a plurality of times from the semiconductor device ICz (220) (StepS121). Next, the correction data generation unit 214 statisticallyprocesses the unique code UC(z) acquired in Step S121, and classifiesthe respective bits of the unique code UC(z) into (1) bits with a stablevalue, (2) bits with high variability (i.e. bits with a relatively largevariation in value) and (3) bits with low variability (i.e. bits with arelatively small variation in value). Then, the correction datageneration unit 214 generates mask data using the (2) bits with highvariability (Step S122). At this time, information indicating theposition of the bit that varies with higher probability than a specifiedthreshold among the bits of the unique code UC(z) is set as the maskdata. For example, in the mask data shown in FIG. 21, the position ofthe bit with high variability (i.e. the position to be masked) isindicated by “0”.

Next, the correction data generation unit 214 masks the unique codeUC(z) using the mask data generated in Step S122 and eliminates the bitwith high variability. It then generates an ECC code for making acorrection to remove the bits with variability of the masked unique codeUC(a)′ (i.e. the unique code containing bits with a stable value andbits with low variability) (Step S123). The ECC code is BCH code orReed-Solomon code, for example.

Then, the correction data generation unit 214 generates an operationparameter using the unique code UC(a)″ processed using the mask datagenerated in Step S122 and the ECC code generated in Step S123 (which isthe unique code containing bits with a stable value) and the common keyCK(a) stored in the storage unit 212 (Step S124). The operationparameter is thus a parameter required to generate the common key CK(a)from the corrected unique code UC(z)″. Finally, the correction datageneration unit 214 transmits the mask data, the ECC code and theoperation parameter generated by the above process as the correctiondata CD(z) to the semiconductor device ICz (220) (Step S125).

Note that the process for generating the correction data CD(z) (StepS121 to S125) may be executed in a distributed manner among a pluralityof semiconductor devices. FIG. 23 is a diagram showing a case where thecorrection data CD(z) is generated using a plurality of semiconductordevices ICa, ICb, ICc and ICd. The semiconductor devices ICa, ICb, ICcand ICd establish a secure network.

In the example shown in FIG. 23, the semiconductor device ICa executesSteps S121 and S125. Thus, the semiconductor device ICa functions as ateller with the semiconductor device ICz. The semiconductor device ICbexecutes Step S122 (mask data generation). The semiconductor device ICcexecutes Step S123 (ECC code generation). The semiconductor device ICdexecutes Step S124 (operation parameter generation). Note that theexample shown in FIG. 23 is one example, and the semiconductor devicesto execute the respective steps may be assigned arbitrarily. In thismanner, by performing the process (Step S121 to S125) for generating thecorrection data CD(z) in a distributed manner among a plurality ofsemiconductor devices, it is possible to improve the security level ofthe cryptographic communication system and avoid the concentration ofloads on one semiconductor device.

The semiconductor device 220 shown in FIG. 18 includes a unique codegeneration unit 221, a storage unit 222, and a common key generationunit (second common key generation unit) 223. The unique code generationunit 221 generates a unique code UC(z) having a value unique to thesemiconductor device 220 and containing a random error and outputs it tothe correction data generation unit 214 and the common key generationunit 223. Note that the configuration and operation of the unique codegeneration unit 221 is basically the same as the unique code generationunit 211 described above.

The storage unit 222 can have the common key CK(a) generated in thecommon key generation unit 223. The storage unit 222 stores the commonkey CK(a) in a volatile memory. Thus, although the storage unit 222temporarily stores the common key CK(a), information of the common keyCK(a) is erased when the semiconductor device 220 is powered off. Notethat the common key CK(a) may be stored in a nonvolatile memoryaccording to need after taking security measures such as encryption, andmeasures such as erasing data by writing at power-off of thesemiconductor device 220 may be done on the common key CK(a) stored inthe nonvolatile memory.

The common key generation unit 223 generates the common key (firstcommon key) CK(a) using the unique code UC(z) output from the uniquecode generation unit 221 and the correction data CD(z) output from thecorrection data generation unit 214. Note that a method of generatingthe common key CK(a) in the common key generation unit 223 is basicallythe same as the method of generating the common key CK(a) in the commonkey generation unit 213 described above.

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 19. First, the common key generation unit 213 of the semiconductordevice ICa (210) generates the common key CK(a) using the unique codeUC(a) output from the unique code generation unit 211 and the correctiondata CD(a) stored in the storage unit 212 (Step S101). Then, thesemiconductor device ICa (210) starts communication with othersemiconductor device ICb to ICy (not shown) using the common key CK(a)(Step S102).

The semiconductor device 220 transmits the unique code UC(z) of thesemiconductor device 220 to the correction data generation unit 214 ofthe semiconductor device 210 (Step S103). The correction data generationunit 214 of the semiconductor device 210 generates the correction dataCD(z) using the unique code UC(z) of the semiconductor device 220 andthe common key CK(a) stored in the storage unit 212 (Step S104). For thecorrection data generation unit 214 to generate the correction dataCD(z), it is necessary to acquire the unique code UC(z) a plurality oftimes. Thus, Step S103 is repeated to acquire the unique code UC(z) aplurality of times.

The generated correction data CD(z) is transmitted to the common keygeneration unit 223 of the semiconductor device 220 (Step S105). Thecommon key generation unit 223 of the semiconductor device 220 generatesthe common key CK(a) using the unique code UC(z) output from the uniquecode generation unit 221 and the correction data CD(z) output from thecorrection data generation unit 214 (Step S106). By the above process,the added semiconductor device 220 can have the common key CK(a). Thus,the added semiconductor device (ICz) 220 becomes able to performcryptographic communication with the semiconductor device (ICa) 210 andthe other semiconductor devices ICb to ICy using the common key CK(a)(Step S107). This process is a process of calculating the correctiondata CD(z) from the transmitted data UC(z) and sending it back asdescribed above. There is a possibility that a malicious attackerrepeats this process using a prepared ICz or repeatedly transmitsdifferent data UC(z) and thereby analyzes an algorithm of the common keygeneration unit by CD(z) and the current waveform data during theprocess. Therefore, it is preferred to impose a limit (for example,about three to five times) to the number of times for the flow shown inFIG. 19.

As described earlier, in the case of adding the semiconductor device ICzto the cryptographic communication system in which secure communicationis established, it is necessary to verify whether the semiconductordevice ICz to be added is a proper semiconductor device. However, inorder to verify whether the semiconductor device ICz to be added is aproper semiconductor device, it is necessary to incorporate an expensivesecure server, for example, into the cryptographic communication system.This causes an increase in costs of the cryptographic communicationsystem,

On the other hand, in the cryptographic communication system accordingto this embodiment, the correction data generation unit 214 in thesemiconductor device 210 generates the correction data CD(z) forcorrecting the unique code UC(z) by using the unique code UC(z) having avalue unique to the semiconductor device 220 and containing a randomerror and the common key CK(a), and the common key generation unit 223in the semiconductor device 220 generates the common key CK(a) using thecorrection data CD(z) and the unique code UC(z) of the semiconductordevice 220. It is thus guaranteed that the semiconductor device ICa(210) and the semiconductor device ICz (220) generate the common keyCK(a) based on the same rule, so that the security to add thesemiconductor device ICz (220) to the secure network including thesemiconductor device ICa (210) is guaranteed.

Therefore, because there is no need to incorporate an expensive secureserver into the cryptographic communication system in order to verifywhether the semiconductor device ICz to be added is a propersemiconductor device, it is possible to add the semiconductor deviceeasily and at low cost to the cryptographic communication system inwhich secure communication is performed.

Further, in the cryptographic communication system according to thisembodiment, the common key generation unit 213 in the semiconductordevice 210 generates the common key CK(a) using the unique code UC(a)having a value unique to the semiconductor device 210 and the correctiondata CD(a). Further, the common key generation unit 223 in thesemiconductor device 220 generates the common key CK(a) using the uniquecode UC(z) having a value unique to the semiconductor device 220 and thecorrection data CD(z). Because the common key CK(a), which is importantdata, is not directly stored in the storage units 212 and 222, leakageof data of the common key CK(a) does not occur even if unauthorizedanalysis of the semiconductor device is made. Therefore, in thecryptographic communication system according to this embodiment, it ispossible to enhance the security and add the semiconductor device easilyand at low cost to the cryptographic communication system in whichsecure communication is performed.

Methods of analyzing a semiconductor device for unauthorized acquisitionof data are as follows.

(1) A method that makes modification to the semiconductor device usingFIB (Focused Ion Beam) and physically analyzes the semiconductor deviceusing a probe.

(2) Fault tree analysis that makes a CPU run away by applying anelectromagnetic wave such as a laser beam to the semiconductor device orinserting noise to a power supply terminal and thereby acquires data inan unauthorized manner.

(3) Leakage analysis that observes the current consumption of thesemiconductor device and analyzes key data.

In order to prevent the unauthorized analysis, in the field where a highsecurity level is required, a microcomputer with a high security level(which is referred to hereinafter as a secure microcomputer) is used.The secure microcomputer has a shield to protect a wiring area, afunction of detecting light or signal noise, a function of disruptingthe current by combining a random number signal with a signal and thelike.

In this manner, it is possible to prevent a third party's unauthorizedanalysis of the semiconductor device by using the secure microcomputer.However, in the case of using the secure microcomputer, although theunauthorized analysis can be prevented, semiconductor devicemanufacturers cannot carry out failure analysis and breakdown analysisbecause of its high tamper resistance. Particularly, in avehicle-mounted microcomputer (ECU etc.) for automobile use, failureanalysis and breakdown analysis of a semiconductor device are necessarybecause high reliability is required. For this reason, a general-purposemicrocomputer having a lower security level than the securemicrocomputer has been widely used as the vehicle-mounted microcomputer.Thus, a cryptographic communication system that increases the securitylevel of a semiconductor device with use of a general-purposemicrocomputer has been required for the vehicle-mounted microcomputer.

In the cryptographic communication system according to this embodiment,because important data such as the common key CK(a) is not directlystored in the storage units 212 and 222, leakage of the important datasuch as the common key CK(a) does not occur even if unauthorizedanalysis of the semiconductor device is made. Therefore, even when thesemiconductor device 210 and the semiconductor device 220 are configuredusing general-purpose microcomputers with a relatively low securitylevel, a high security level can be achieved.

Note that the correction data CD(a) that is used to generate the commonkey CK(a) in the semiconductor device 210 is information with arelatively high security level, though the security level is lower thanthat of the common key CK(a). Thus, the security microcomputer may beused for the semiconductor device 210 in which the correction data CD(a)is stored in order to prevent leakage of the correction data CD(a) to athird party.

Further, the correction data CD(z) that is transmitted from thesemiconductor device 210 to the semiconductor device 220 is informationwith a relatively high security level because it is related data to theunique code UC(z) and the common key CK(a). Thus, when transmitting thecorrection data CD(z) from the semiconductor device 210 to thesemiconductor device 220, the correction data CD(z) may be encryptedusing the public key cryptosystem before transmission. In this case, thesemiconductor device 220, for example, has the secret key of thesemiconductor device 220, and the semiconductor device 210 encrypts thecorrection data CD(z) using the public key of the semiconductor device220 before transmitting the correction data CD(z). Then, thesemiconductor device 220 decrypts the encrypted correction data CD(z)using the secret key. The encrypted correction data can be therebytransmitted from the semiconductor device 210 to the semiconductordevice 220.

As described above, according to the embodiment of the presentinvention, it is possible to provide the cryptographic communicationsystem and the cryptographic communication method that can easily add asemiconductor device to the cryptographic communication system in whichsecure communication is performed.

Ninth Embodiment

A ninth embodiment of the present invention is described hereinafter.FIG. 24 is a block diagram showing a cryptographic communication system202 according to this embodiment. A unique code UC(z) that is outputfrom a semiconductor device ICz is information with a relatively lowsecurity level because it contains error information for itscharacteristics. Thus, in the cryptographic communication systemaccording to the eighth embodiment, the unique code UC(z) is notencrypted when transmitting the unique code UC(z) from the semiconductordevice ICz to the semiconductor device ICa. However, because the uniquecode UC(z) is information unique to the semiconductor device ICz, thoughit contains error information, it is preferred to encrypt the uniquecode UC(z) before transmission. Thus, in the cryptographic communicationsystem according to this embodiment, the unique code UC(z) is encryptedbefore transmitting the unique code UC(z) from the semiconductor deviceICz to the semiconductor device ICa.

The cryptographic communication system 202 shown in FIG. 24 includes asemiconductor device ICa (230) and a semiconductor device ICz (240). Thesemiconductor device 230 includes a unique code generation unit 231, astorage unit 232, a common key generation unit 233, a correction datageneration unit 234, and a decryption unit 235.

The unique code generation unit 231 generates a unique code UC(a) thatis unique to the semiconductor device 230 and outputs it to the commonkey generation unit 233. The basic configuration and operation of theunique code generation unit 231 are the same as those of the unique codegeneration unit 211 described in the eighth embodiment and redundantexplanation thereof is omitted.

The storage unit 232 can store correction data CD(a), a public key PK(a)and a secret key SK(a) of the semiconductor device 230, and a common keyCK(a) generated in the common key generation unit 233. The storage unit232 includes a volatile memory and a nonvolatile memory, for example,and the correction data CD(a), the public key PK(a) and the secret keySK(a) are stored in the nonvolatile memory, and the common key CK(a) isstored in the volatile memory. Thus, although the storage unit 232temporarily stores the common key CK(a), information of the common keyCK(a) is erased when the semiconductor device 230 is powered off. Notethat the common key CK(a) may be stored in the nonvolatile memoryaccording to need after taking security measures such as encryption, andmeasures such as erasing data by writing at power-off of thesemiconductor device 230 may be done on the common key CK(a) stored inthe nonvolatile memory.

The common key generation unit 233 generates the common key CK(a) usingthe unique code UC(a) output from the unique code generation unit 231and correction data CD(a) stored in the storage unit 232. The common keygeneration unit 233 functions as a unique code correction unit. Thebasic configuration and operation of the common key generation unit 233are the same as those of the common key generation unit 213 described inthe eighth embodiment and redundant explanation thereof is omitted.

The correction data generation unit 234 generates correction data(second correction data) CD(z) using a unique code UC(z) of thesemiconductor device 240 and the common key CK(a). The basicconfiguration and operation of the correction data generation unit 234are the same as those of the correction data generation unit 214described in the eighth embodiment and redundant explanation thereof isomitted.

The decryption unit 235 decrypts a unique code UC(z) c encrypted by anencryption unit 244 of the semiconductor device 240 using the secret keySK(a) of the semiconductor device 230 and thereby generates the uniquecode UC(z).

The semiconductor device 240 includes a unique code generation unit 241,a storage unit 242, a common key generation unit 243, and an encryptionunit 244. The unique code generation unit 241 generates a unique codeUC(z) that is unique to the semiconductor device 240 and outputs it tothe encryption unit 244 and the common key generation unit 243. Thebasic configuration and operation of the unique code generation unit 241are the same as those of the unique code generation unit 211 describedin the eighth embodiment and redundant explanation thereof is omitted.

The storage unit 242 can have the common key CK(a) generated in thecommon key generation unit 243. The storage unit 242 stores the commonkey CK(a) in a volatile memory. Thus, although the storage unit 242temporarily stores the common key CK(a), information of the common keyCK(a) is erased when the semiconductor device 240 is powered off. Notethat the common key CK(a) may be stored in the nonvolatile memoryaccording to need after taking security measures such as encryption, andmeasures such as erasing data by writing at power-off of thesemiconductor device 240 may be done on the common key CK(a) stored inthe nonvolatile memory.

The common key generation unit 243 generates the common key CK(a) usingthe unique code UC(z) output from the unique code generation unit 241and the correction data CD(z) output from the correction data generationunit 234. The common key generation unit 243 functions as a unique codecorrection unit. The basic configuration and operation of the common keygeneration unit 243 are the same as those of the common key generationunit 213 described in the eighth embodiment and redundant explanationthereof is omitted.

The encryption unit 244 encrypts the unique code UC(z) generated in theunique code generation unit 241 by using the public key PK(a) of thesemiconductor device 230. The public key PK(a) to be used for encryptionmay be transmitted from the semiconductor device 230 to thesemiconductor device 240 in advance and stored in the storage unit 242.Alternatively, the public key PK(a) to be used for encryption may bedirectly supplied from the semiconductor device 230 to the encryptionunit 244 at the time when the encryption unit 244 encrypts the uniquecode UC(z). The encrypted unique code UC(z) c is output to thedecryption unit 235 of the semiconductor device 230.

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 25. First, the common key generation unit 233 of the semiconductordevice ICa (230) generates the common key CK(a) using the unique codeUC(a) output from the unique code generation unit 231 and the correctiondata CD(a) stored in the storage unit 232 (Step S130). Then, thesemiconductor device ICa (230) starts communication with othersemiconductor devices ICb to ICy (not shown) using the common key CK(a)(Step S131).

Then, the semiconductor device ICz (240) makes a request fortransmission of the correction data CD(z) to the semiconductor deviceICa (230) (Step S132). Receiving the request for transmission of thecorrection data CD(z), the semiconductor device 230 transmits the publickey PK(a) of the semiconductor device 230 to the semiconductor device240 (Step S133). The encryption unit 244 of the semiconductor device 240encrypts the unique code UC(z) using the public key PK(a) of thesemiconductor device 230 (Step S134). Note that the public key PK(a) ofthe semiconductor device 230 may be prestored in the storage unit 242 ofthe semiconductor device 240. In this case, Steps S132 and S133 can beskipped.

The semiconductor device 240 transmits the encrypted unique code UC(z) cto the decryption unit 235 of the semiconductor device 230 (Step S135).The decryption unit 235 of the semiconductor device 230 decrypts theencrypted unique code UC(z)_c by using the secret key SK(a) of thesemiconductor device 230 and thereby generates the unique code UC(z)(Step S136).

The correction data generation unit 234 of the semiconductor device 230generates the correction data CD(z) using the unique code UC(z) of thesemiconductor device 240 and the common key CK(a) stored in the storageunit 232 (Step S137). For the correction data generation unit 234 togenerate the correction data CD(z), it is necessary to acquire theunique code UC(z) a plurality of times. Thus, Steps S134 to S136 arerepeated to acquire the unique code UC(z) a plurality of times.

The generated correction data CD(z) is transmitted to the common keygeneration unit 243 of the semiconductor device 240 (Step S138). Thecommon key generation unit 243 of the semiconductor device 240 generatesthe common key CK(a) using the unique code UC(z) output from the uniquecode generation unit 241 and the correction data CD(z) output from thecorrection data generation unit 234 (Step S139). By the above process,the added semiconductor device 240 can have the common key CK(a). Thus,the added semiconductor device (ICz) 240 becomes able to performcryptographic communication with the semiconductor device (ICa) 230 andthe other semiconductor devices ICb to ICy using the common key CK(a)(Step S140).

As described above, in the cryptographic communication system accordingto this embodiment, the correction data generation unit 234 of thesemiconductor device 230 generates the correction data CD(z) using theunique code UC(z) unique to the semiconductor device 240 and the commonkey CK(a), and the common key generation unit 243 of the semiconductordevice 240 generates the common key CK(a) using the correction dataCD(z) and the unique code UC(z) of the semiconductor device 240. Thereis thus no need to incorporate an expensive secure server into thecryptographic communication system in order to verify whether thesemiconductor device ICz to be added is a proper semiconductor device,and it is possible to add the semiconductor device easily and at lowcost to the cryptographic communication system in which securecommunication is performed.

Further, in the cryptographic communication system according to thisembodiment, because important data such as the common key CK(a) is notdirectly stored in the storage units 232 and 242, leakage of theimportant data such as the common key CK(a) does not occur even ifunauthorized analysis of the semiconductor device is made. Therefore,even when the semiconductor device 230 and the semiconductor device 240are configured using general-purpose microcomputers with a relativelylow security level, a high security level can be achieved.

Note that the correction data CD(a) used to generate the common keyCK(a) in the semiconductor device 230 and the secret key SK(a) of thesemiconductor device 230 are information with a relatively high securitylevel, though the security level is lower than that of the common keyCK(a). Thus, the security microcomputer may be used for thesemiconductor device 230 in which the correction data CD(a) and thesecret key SK(a) are stored in order to prevent leakage of thecorrection data CD(a) and the secret key SK(a) to a third party.

Further, the correction data CD(z) that is transmitted from thesemiconductor device 230 to the semiconductor device 240 is informationwith a relatively high security level because it is related data to theunique code UC(z) and the common key CK(a). Thus, when transmitting thecorrection data CD(z) from the semiconductor device 230 to thesemiconductor device 240, the correction data CD(z) may be encryptedbefore transmission using the public key cryptosystem.

As described above, according to the embodiment of the presentinvention, it is possible to provide the cryptographic communicationsystem and the cryptographic communication method that can easily add asemiconductor device to the cryptographic communication system in whichsecure communication is performed. Particularly, in the cryptographiccommunication system according to this embodiment, the unique code UC(z)of the semiconductor device 240 is encrypted and transmitted to thesemiconductor device 230, which further enhances the security of thecryptographic communication system.

Tenth Embodiment

A tenth embodiment of the present invention is described hereinafter.FIG. 26 is a block diagram showing a cryptographic communication system203 according to this embodiment. In this embodiment, the cryptographiccommunication system is applied to a digital signature system. Thecryptographic communication system 203 according to this embodimentincludes a semiconductor device ICa (250), a semiconductor device ICz(260), and a secure server 270.

The semiconductor device 250 includes a unique code generation unit 251,a storage unit 252, a common key generation unit 253, a correction datageneration unit 254, a decryption unit 255, and a verification unit 256.

The unique code generation unit 251 generates a unique code UC(a) thatis unique to the semiconductor device 250 and outputs it to the commonkey generation unit 253. The basic configuration and operation of theunique code generation unit 251 are the same as those of the unique codegeneration unit 211 described in the eighth embodiment and redundantexplanation thereof is omitted.

The storage unit 252 can store correction data CD(a), a public key PK(a)and a secret key SK(a) of the semiconductor device 250, and a common keyCK(a) generated in the common key generation unit 253. The storage unit235 includes a volatile memory and a nonvolatile memory, for example,and the correction data CD(a), the public key PK(a) and the secret keySK(a) are stored in the nonvolatile memory, and the common key CK(a) isstored in the volatile memory. Thus, although the storage unit 252temporarily stores the common key CK(a), information of the common keyCK(a) is erased when the semiconductor device 250 is powered off.

The common key generation unit 253 generates the common key CK(a) usingthe unique code UC(a) output from the unique code generation unit 251and correction data CD(a) stored in the storage unit 252. The common keygeneration unit 253 functions as a unique code correction unit. Thebasic configuration and operation of the common key generation unit 253are the same as those of the common key generation unit 213 described inthe eighth embodiment and redundant explanation thereof is omitted.

The correction data generation unit 254 generates correction data CD(z)using a unique code UC(z) of the semiconductor device 260 and the commonkey CK(a). The basic configuration and operation of the correction datageneration unit 254 are the same as those of the correction datageneration unit 214 described in the eighth embodiment and redundantexplanation thereof is omitted.

The decryption unit 255 decrypts the unique code UC(z) c encrypted by anencryption unit 264 of the semiconductor device 260 using the secret keySK(a) of the semiconductor device 250 and thereby generates the uniquecode UC(z).

The verification unit 256 executes a verification algorithm in thedigital signature scheme. Specifically, the verification unit 256generates verification data using signature data Sig(a) and a public keyPK(z) of the semiconductor device 260 and compares the verification datawith plain text Plane(a).

The semiconductor device 260 includes a unique code generation unit 261,a storage unit 262, a common key generation unit 263, an encryption unit264, and a signature data generation unit 265. The unique codegeneration unit 261 generates a unique code UC(z) that is unique to thesemiconductor device 260 and outputs it to the encryption unit 264 andthe common key generation unit 263. The basic configuration andoperation of the unique code generation unit 261 are the same as thoseof the unique code generation unit 211 described in the eighthembodiment and redundant explanation thereof is omitted.

The storage unit 262 can store a common key CK(a) generated in thecommon key generation unit 263, a secret key SK(z) of the semiconductordevice 260, and a plain text Plane(z). The storage unit 262 includes avolatile memory and a nonvolatile memory, for example, and the secretkey SK(z) of the semiconductor device 260 and the plain text Plane(z)are stored in the nonvolatile memory, and the common key CK(a) is storedin the volatile memory. Thus, although the storage unit 262 temporarilystores the common key CK(a), information of the common key CK(a) iserased when the semiconductor device 260 is powered off. Note that thecommon key CK(a) may be stored in the nonvolatile memory according toneed after taking security measures such as encryption, and measuressuch as erasing data by writing at power-off of the semiconductor device260 may be done on the common key CK(a) stored in the nonvolatilememory.

The common key generation unit 263 generates the common key CK(a) usingthe unique code UC(z) output from the unique code generation unit 261and the correction data CD(z) output from the correction data generationunit 254. The common key generation unit 263 functions as a unique codecorrection unit. The basic configuration and operation of the common keygeneration unit 263 are the same as those of the common key generationunit 213 described in the eighth embodiment and redundant explanationthereof is omitted.

The encryption unit 264 encrypts the unique code UC(z) generated in theunique code generation unit 261 by using the public key PK(a) of thesemiconductor device 260. The public key PK(a) to be used for encryptionmay be transmitted from the semiconductor device 250 to thesemiconductor device 260 in advance and stored in the storage unit 262.Alternatively, the public key PK(a) to be used for encryption may bedirectly supplied from the semiconductor device 250 to the encryptionunit 264 at the time when the encryption unit 264 encrypts the uniquecode UC(z). Further alternatively, the public key PK(a) may be suppliedfrom the secure server 270. The encrypted unique code UC(z)_c is outputto the decryption unit 255 of the semiconductor device 250.

The signature data generation unit 265 generates signature data Sig(z)using the secret key SK(z) of the semiconductor device 260 and the plaintext Plane(z). In other words, the signature data generation unit 265executes a signature generation algorithm in the digital signaturescheme.

The secure server 270 includes a database 271 that stores public keysPK(a), PK(b), . . . , PK(z) of semiconductor devices ICa, ICb, . . . ,ICz in association with the semiconductor devices ICa, ICb, . . . , ICz.In this embodiment, because the public key information stored in thedatabase 271 is information with a high security level, it is preferredto use a security microcomputer for the secure server 270. The publickey information stored in the secure server 270 is transmitted to eachsemiconductor device in response to a request.

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 27. First, the common key generation unit 253 of the semiconductordevice ICa (250) generates the common key CK(a) using the unique codeUC(a) output from the unique code generation unit 251 and the correctiondata CD(a) stored in the storage unit 252 (Step S141). Then, thesemiconductor device ICa (250) starts communication with othersemiconductor devices ICb to ICy (not shown) using the common key CK(a)(Step S142).

Next, the semiconductor device ICz (260) transmits semiconductor deviceinformation (for example, a unique ID etc.) of the semiconductor deviceICz (260) to the semiconductor device ICa (250) (Step S143). Receivingthe semiconductor device information of the semiconductor device 260,the semiconductor device 250 makes a request for transmission of apublic key of the semiconductor device 260 to the secure server 270(Step S144). The public key of the semiconductor device 260 is used whenthe verification unit 256 of the semiconductor device 250 verifiessignature data. The secure server 270 transmits the public key PK(z) ofthe semiconductor device 260 to the verification unit 256 of thesemiconductor device 250 (Step S145).

Then, the semiconductor device 250 makes a request for transmission ofsignature data to the semiconductor device 260 (Step S146). Receivingthe request for transmission of signature data, the semiconductor device260 generates signature data Sig(z) using the secret key SK(z) and theplain text Plane(z) in the signature data generation unit 265. The plaintext Plane(z) and the generated signature data Sig(z) are transmitted tothe verification unit 256 of the semiconductor device 250 (Step S147).

The verification unit 256 of the semiconductor device 250 executes averification algorithm in the digital signature scheme (Step S148).Specifically, the verification unit 256 generates verification datausing the public key PK(z) of the semiconductor device 260 supplied fromthe secure server 270 and the signature data Sig(z), and compares theverification data with the plain text Plane(z). The signature dataSig(z) is data generated by encrypting the plain text Plane(z) using thesecret key SK(z) of the semiconductor device 260. Thus, the verificationdata obtained by decrypting the signature data Sig(z) using the publickey PK(z) of the semiconductor device 260 is data corresponding to theplain text Plane(z) transmitted from the semiconductor device 260.Therefore, the verification unit 256 compares the verification data withthe plain text Plane(z) and, when the verification data and the plaintext Plane(z) match, it can be determined that the semiconductor device260 has the secret key SK(z).

Thus, when the verification data and the plain text Plane(z) match (whenthe verification algorithm accepts the signature data Sig(z)), theverification unit 256 determines that the signature data Sig(z) createdby the semiconductor device 260 is valid. Thus, it is determined thatthe semiconductor device 260 has the secret key SK(z). On the otherhand, when the verification data and the plain text Plane(z) do notmatch (when the verification algorithm rejects the signature dataSig(z)), the verification unit 256 determines that the signature dataSig(z) created by the semiconductor device 260 is invalid.

When the semiconductor device 260 is determined as a propersemiconductor device, the semiconductor device 250 transmits the publickey PK(a) of the semiconductor device 250 to the semiconductor device260 (Step S149). The encryption unit 264 of the semiconductor device 260encrypts the unique code UC(z) by using the public key PK(a) of thesemiconductor device 250 (Step S150). Note that the public key PK(a) ofthe semiconductor device 250 may be transmitted from the secure server270 to the semiconductor device 260 by an instruction from thesemiconductor device 250.

The semiconductor device 260 transmits the encrypted unique code UC(z)_cto the decryption unit 255 of the semiconductor device 250 (Step S151).The decryption unit 255 of the semiconductor device 250 decrypts theencrypted unique code UC(z)_c by using the secret key SK(a) of thesemiconductor device 250 and thereby generates the unique code UC(z)(Step S152).

The correction data generation unit 254 of the semiconductor device 250generates the correction data CD(z) using the unique code UC(z) of thesemiconductor device 260 and the common key CK(a) (Step S153). For thecorrection data generation unit 254 to generate the correction dataCD(z), it is necessary to acquire the unique code UC(z) a plurality oftimes. Thus, Steps S150 to S152 are repeated to acquire the unique codeUC(z) a plurality of times.

The generated correction data CD(z) is transmitted to the common keygeneration unit 263 of the semiconductor device 260 (Step S154). Thecommon key generation unit 263 of the semiconductor device 260 generatesthe common key CK(a) using the unique code UC(z) output from the uniquecode generation unit 261 and the correction data CD(z) output from thecorrection data generation unit 254 (Step S155). By the above process,the added semiconductor device 260 can be verified using the digitalsignature scheme. Then, when the added semiconductor device 260 is aproper semiconductor device, the semiconductor device 260 can have thecommon key CK(a). Thus, the added semiconductor device (ICz) 260 becomesable to perform cryptographic communication with the semiconductordevice (ICa) 240 and the other semiconductor devices ICb to ICy usingthe common key CK(a) (Step S156).

As described above, in the cryptographic communication system accordingto this embodiment, the correction data generation unit 254 of thesemiconductor device 250 generates the correction data CD(z) using theunique code UC(z) unique to the semiconductor device 260 and the commonkey CK(a), and the common key generation unit 263 of the semiconductordevice 260 generates the common key CK(a) using the correction dataCD(z) and the unique code UC(z) of the semiconductor device 260. Thereis thus no need to incorporate an expensive secure server into thecryptographic communication system in order to verify whether thesemiconductor device ICz to be added is a proper semiconductor device,and it is possible to add the semiconductor device easily and at lowcost to the cryptographic communication system in which securecommunication is performed.

Further, in the cryptographic communication system according to thisembodiment, because important data such as the common key CK(a) is notdirectly stored in the storage units 252 and 262, leakage of theimportant data such as the common key CK(a) does not occur even ifunauthorized analysis of the semiconductor device is made. Therefore,even when the semiconductor device 250 and the semiconductor device 260are configured using general-purpose microcomputers with a relativelylow security level, a high security level can be achieved.

On the other hand, in this embodiment, the public key information storedin the database 271 of the secure server 270 is information with a highsecurity level. It is thus preferred to use a security microcomputer forthe secure server 270.

Note that the correction data CD(a) used to generate the common keyCK(a) and the secret key SK(z) of the semiconductor device 260 areinformation with a relatively high security level, though the securitylevel is lower than that of the common key CK(a). Thus, the securitymicrocomputer may be used for the semiconductor devices 250 and 260 inwhich the correction data CD(a) and the secret key SK(z) are stored inorder to prevent leakage of the correction data CD(a) and the secret keySK(z) to a third party.

Further, the correction data CD(z) that is transmitted from thesemiconductor device 250 to the semiconductor device 260 is informationwith a relatively high security level because it is related data to theunique code UC(z) and the common key CK(a). Thus, when transmitting thecorrection data CD(z) from the semiconductor device 250 to thesemiconductor device 260, the correction data CD(z) may be encryptedbefore transmission using the public key cryptosystem.

Further, in this embodiment, the encryption unit 264 is included in thesemiconductor device 260 and the decryption unit 255 is included in thesemiconductor device 250 in order to transmit the unique code UC(z)after encryption. However, in this embodiment, the encryption unit 264and the decryption unit 255 may be omitted and the unique code UC(z) maybe transmitted without encryption as in the eighth embodiment.

As described above, according to the embodiment of the presentinvention, it is possible to provide the cryptographic communicationsystem and the cryptographic communication method that can easily add asemiconductor device to the cryptographic communication system in whichsecure communication is performed.

Particularly, in the cryptographic communication system according tothis embodiment, the public key information is collectively managedusing the secure server 270. The public key information is informationthat is used when verifying a semiconductor device to be added using thedigital signature scheme, and it is information with a high securitylevel. By collectively managing the information with a high securitylevel using the secure server 270, the need to store the informationwith a high security level in the semiconductor devices 250 and 260 canbe eliminated, so that the semiconductor devices 250 and 260 can beconfigured using general-purpose microcomputers. It is thus possible toreduce the cost to construct the cryptographic communication system.

Eleventh Embodiment

An eleventh embodiment of the present invention is describedhereinafter. FIG. 28 is a block diagram showing a cryptographiccommunication system 204 according to this embodiment. In thecryptographic communication system 204 according to this embodiment, acorrection data generation program PRG(z) is transmitted from asemiconductor device ICz (290), which is a device to be added, to asemiconductor device ICa (280) rather than including a correction datageneration unit for generating correction data CD(z). The correctiondata generation program PRG(z) is then executed in the semiconductordevice ICa (280) to thereby generate the correction data CD(z).

The cryptographic communication system 204 shown in FIG. 28 includes asemiconductor device ICa (280) and a semiconductor device ICz (290). Thesemiconductor device 280 includes a unique code generation unit 281, astorage unit 282, a common key generation unit 283, a program executionunit 284, and a decryption unit 285.

The unique code generation unit 281 generates a unique code UC(a) thatis unique to the semiconductor device 280 and outputs it to the commonkey generation unit 283. The basic configuration and operation of theunique code generation unit 281 are the same as those of the unique codegeneration unit 211 described in the eighth embodiment and redundantexplanation thereof is omitted.

The storage unit 282 can store correction data CD(a), a public key PK(a)and a secret key SK(a) of the semiconductor device 280, and a common keyCK(a) generated in the common key generation unit 283. The storage unit282 includes a volatile memory and a nonvolatile memory, for example,and the correction data CD(a), the public key PK(a) and the secret keySK(a) are stored in the nonvolatile memory, and the common key CK(a) isstored in the volatile memory. Thus, although the storage unit 282temporarily stores the common key CK(a), information of the common keyCK(a) is erased when the semiconductor device 280 is powered off.

The common key generation unit 283 generates the common key CK(a) usingthe unique code UC(a) output from the unique code generation unit 281and correction data CD(a) stored in the storage unit 282. The common keygeneration unit 283 functions as a unique code correction unit. Thebasic configuration and operation of the common key generation unit 283are the same as those of the common key generation unit 213 described inthe eighth embodiment and redundant explanation thereof is omitted.

The program execution unit 284 executes the correction data generationprogram PRG(z) transmitted from the semiconductor device 290. Byexecuting the correction data generation program PRG(z), the correctiondata CD(z) can be generated using the unique code UC(z) of thesemiconductor device 290 and the common key CK(a). The program executionunit 284 is typically a processor such as a CPU. The correction datageneration program PRG(z) may be a program that can run only on thesemiconductor device 280, for example. Alternatively, the correctiondata generation program PRG(z) may be a program such as JAVA (registeredtrademark) that does not depend on the architecture of a semiconductordevice on which it runs. Some semiconductor devices constituting thecryptographic communication system have different CPU corearchitectures. Thus, by using a program such as JAVA that is notdependent on the architecture of a semiconductor device on which itruns, it is possible to improve the convenience of the cryptographiccommunication system and reduce the cost of the cryptographiccommunication system.

Note that a process of generating the correction data CD(z) using thecorrection data generation program PRG(z) is the same as the process inthe correction data generation unit 214 described in the eighthembodiment and redundant explanation thereof is omitted.

The decryption unit 285 decrypts the unique code UC(z) c encrypted by anencryption unit 294 of the semiconductor device 290 using the secret keySK(a) of the semiconductor device 280 and thereby generates the uniquecode UC(z).

The semiconductor device 290 includes a unique code generation unit 291,a storage unit 292, a common key generation unit 293, and an encryptionunit 249. The unique code generation unit 291 generates a unique codeUC(z) unique to the semiconductor device 290 and outputs it to theencryption unit 294 and the common key generation unit 293. The basicconfiguration and operation of the unique code generation unit 291 arethe same as those of the unique code generation unit 211 described inthe eighth embodiment and redundant explanation thereof is omitted.

The storage unit 292 can have the common key CK(a) generated in thecommon key generation unit 293 and the correction data generationprogram PRG(z). The storage unit 292 includes a volatile memory and anonvolatile memory, for example, and the correction data generationprogram PRG(z) is stored in the nonvolatile memory, and the common keyCK(a) is stored in the volatile memory. Thus, although the storage unit292 temporarily stores the common key CK(a), information of the commonkey CK(a) is erased when the semiconductor device 290 is powered off.Note that the common key CK(a) may be stored in the nonvolatile memoryaccording to need after taking security measures such as encryption, andmeasures such as erasing data by writing at power-off of thesemiconductor device 290 may be done on the common key CK(a) stored inthe nonvolatile memory.

The common key generation unit 293 generates the common key CK(a) usingthe unique code UC(z) output from the unique code generation unit 291and the correction data CD(z) output from the program execution unit284. The common key generation unit 293 functions as a unique codecorrection unit. The basic configuration and operation of the common keygeneration unit 293 are the same as those of the common key generationunit 213 described in the eighth embodiment and redundant explanationthereof is omitted.

The encryption unit 294 encrypts the unique code UC(z) and thecorrection data generation program PRG(z) by using the public key PK(a)of the semiconductor device 280. The public key PK(a) to be used forencryption may be transmitted from the semiconductor device 280 to thesemiconductor device 290 in advance and stored in the storage unit 292.Alternatively, the public key PK(a) to be used for encryption may bedirectly supplied from the semiconductor device 280 to the encryptionunit 294 at the time when the encryption unit 294 encrypts the uniquecode UC(z) and the correction data generation program PRG(z). Theencrypted unique code UC(z) c and correction data generation programPRG(z) are output to the decryption unit 285 of the semiconductor device280.

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 29. First, the common key generation unit 283 of the semiconductordevice ICa (280) generates the common key CK(a) using the unique codeUC(a) output from the unique code generation unit 281 and the correctiondata CD(a) stored in the storage unit 282 (Step S160). Then, thesemiconductor device ICa (280) starts communication with othersemiconductor devices ICb to ICy (not shown) using the common key CK(a)(Step S161).

Then, the semiconductor device ICz (290) makes a request fortransmission of the correction data CD(z) to the semiconductor deviceICa (280) (Step S162). Receiving the request for transmission of thecorrection data CD(z), the semiconductor device 280 transmits the publickey PK(a) of the semiconductor device 280 to the semiconductor device290 (Step S163). The encryption unit 294 of the semiconductor device 290encrypts the unique code UC(z) and the correction data generationprogram PRG(z) using the public key PK(a) of the semiconductor device280 (Step S164). Note that the public key PK(a) of the semiconductordevice 280 may be prestored in the storage unit 292 of the semiconductordevice 290. In this case, Steps S162 and S163 can be skipped.

The semiconductor device 290 transmits the encrypted unique code UC(z)_cand correction data generation program PRG(z)_c to the decryption unit285 of the semiconductor device 280 (Step S165). The decryption unit 285of the semiconductor device 280 decrypts the encrypted unique codeUC(z)_c and correction data generation program PRG(z)_c by using thesecret key SK(a) of the semiconductor device 280 and thereby generatesthe unique code UC(z) and the correction data generation program PRG(z)(Step S166).

The program execution unit 284 of the semiconductor device 280 executesthe correction data generation program PRG(z) decrypted in thedecryption unit 285. By executing the correction data generation programPRG(z), the correction data CD(z) can be generated using the unique codeUC(z) of the semiconductor device 290 and the common key CK(a) (StepS167). For the correction data generation program PRG(z) to generate thecorrection data CD(z), it is necessary to acquire the unique code UC(z)a plurality of times. Thus, Steps S164 to S166 (excluding transmissionof the correction data generation program PRG(z)) are repeated toacquire the unique code UC(z) a plurality of times. Further, thecorrection data generation program PRG(z) may be deleted after thecorrection data CD(z) is generated.

The generated correction data CD(z) is transmitted to the common keygeneration unit 293 of the semiconductor device 290 (Step S168). Thecommon key generation unit 293 of the semiconductor device 290 generatesthe common key CK(a) using the unique code UC(z) output from the uniquecode generation unit 291 and the correction data CD(z) output from theprogram execution unit 284 (Step S169). By the above process, the addedsemiconductor device 290 can have the common key CK(a). Thus, the addedsemiconductor device (ICz) 290 becomes able to perform cryptographiccommunication with the semiconductor device (ICa) 280 and the othersemiconductor devices ICb to ICy using the common key CK(a) (Step S170).

As described above, in the cryptographic communication system accordingto this embodiment, the program execution unit 284 of the semiconductordevice 280 generates the correction data CD(z) using the unique codeUC(z) unique to the semiconductor device 290 and the common key CK(a),and the common key generation unit 293 of the semiconductor device 290generates the common key CK(a) using the correction data CD(z) and theunique code UC(z) of the semiconductor device 290. There is thus no needto incorporate an expensive secure server into the cryptographiccommunication system in order to verify whether the semiconductor deviceICz to be added is a proper semiconductor device, and it is possible toadd the semiconductor device easily and at low cost to the cryptographiccommunication system in which secure communication is performed.

Further, in the cryptographic communication system according to thisembodiment, because important data such as the common key CK(a) is notdirectly stored in the storage units 282 and 292, leakage of theimportant data such as the common key CK(a) does not occur even ifunauthorized analysis of the semiconductor device is made. Therefore,even when the semiconductor device 280 and the semiconductor device 290are configured using general-purpose microcomputers with a relativelylow security level, a high security level can be achieved.

Note that the correction data CD(a) used to generate the common keyCK(a) in the semiconductor device 280 and the secret key SK(a) of thesemiconductor device 280 are information with a relatively high securitylevel, though the security level is lower than that of the common keyCK(a). Thus, the security microcomputer may be used for thesemiconductor device 280 in which the correction data CD(a) and thesecret key SK(a) are stored in order to prevent leakage of thecorrection data CD(a) and the secret key SK(a) to a third party.

Further, the correction data CD(z) that is transmitted from thesemiconductor device 280 to the semiconductor device 290 is informationwith a relatively high security level because it is related data to theunique code UC(z) and the common key CK(a). Thus, when transmitting thecorrection data CD(z) from the semiconductor device 280 to thesemiconductor device 290, the correction data CD(z) may be encryptedbefore transmission using the public key cryptosystem.

Further, in this embodiment, the encryption unit 294 is included in thesemiconductor device 290 and the decryption unit 285 is included in thesemiconductor device 280 in order to transmit the unique code UC(z) andthe correction data generation program PRG(z) after encryption. However,in this embodiment, the encryption unit 294 and the decryption unit 285may be omitted, and the unique code UC(z) and the correction datageneration program PRG(z) may be transmitted without encryption as inthe eighth embodiment.

In the above example, the case where the correction data generationprogram PRG(z) is transmitted to the semiconductor device 280 from thesemiconductor device 290 to be added is described. However, thecorrection data generation program PRG(z) may be transmitted to thesemiconductor device 280 from a server, for example.

As described above, according to the embodiment of the presentinvention, it is possible to provide the cryptographic communicationsystem and the cryptographic communication method that can easily add asemiconductor device to the cryptographic communication system in whichsecure communication is performed.

Particularly, in the cryptographic communication system according tothis embodiment, even when the correction data generation unit is notincluded in advance in the semiconductor device 280, the unique codeUC(z) can be generated by storing the correction data generation programPRG(z) into the semiconductor device 290 to be added and executing thecorrection data generation program PRG(z) in the semiconductor device280. The correction data generation program PRG(z) may be stored beforeshipping of the semiconductor device 290 or may be downloaded from aserver after shipping according to need. Further, if the correction datageneration program PRG(z) is a program such as JAVA that is notdependent on the architecture of a semiconductor device on which itruns, it is possible to improve the convenience of the cryptographiccommunication system and reduce the cost of the cryptographiccommunication system.

Twelfth Embodiment

A twelfth embodiment of the present invention is described hereinafter.FIG. 30 is a block diagram showing a cryptographic communication system205 according to this embodiment. In the cryptographic communicationsystem 205 according to this embodiment, a plurality of common keysCK(1) and CK(2) are generated in a common key generation unit 303 of asemiconductor device ICa (300). Then, the semiconductor device ICa (300)and a semiconductor device ICz (310) communicate using the common keyCK(2), and the semiconductor device ICa (300) and semiconductor devicesICb to ICy communicate using the common key CK(1). Thus, thesemiconductor device ICa (300) functions as a router.

The cryptographic communication system 205 shown in FIG. 30 includes thesemiconductor device ICa (300) and the semiconductor device ICz (310).The semiconductor device 300 includes a unique code generation unit 301,a storage unit 302, a common key generation unit 303, and a correctiondata generation unit 304.

The unique code generation unit 301 generates a unique code UC(a) uniqueto the semiconductor device 300 and outputs it to the common keygeneration unit 303. The basic configuration and operation of the uniquecode generation unit 301 are the same as those of the unique codegeneration unit 211 described in the eighth embodiment and redundantexplanation thereof is omitted.

The storage unit 302 can store correction data CD(1) and CD(2) andcommon keys CK(1) and CK(2) generated in the common key generation unit303. The storage unit 302 includes a volatile memory and a nonvolatilememory, for example, and the correction data CD(1) and CD(2) are storedin the nonvolatile memory, and the common keys CK(1) and CK(2) arestored in the volatile memory. Thus, although the storage unit 302temporarily stores the common keys CK(1) and CK(2), information of thecommon keys CK(1) and CK(2) is erased when the semiconductor device 300is powered off. Note that the common keys CK(1) and CK(2) may be storedin the nonvolatile memory according to need after taking securitymeasures such as encryption, and measures such as erasing data bywriting at power-off of the semiconductor device 300 may be done on thecommon keys CK(1) and CK(2) stored in the nonvolatile memory.

The common key generation unit 303 generates the common key (secondcommon key) CK(1) using the unique code UC(a) output from the uniquecode generation unit 301 and correction data (third correction data)CD(1) stored in the storage unit 302. Further, the common key generationunit 303 generates the common key (first common key) CK(2) using theunique code UC(a) output from the unique code generation unit 301 andcorrection data (first correction data) CD(2) stored in the storage unit302. The common key generation unit 303 functions as a unique codecorrection unit. The basic configuration and operation of the common keygeneration unit 303 are the same as those of the common key generationunit 213 described in the eighth embodiment and redundant explanationthereof is omitted.

The correction data generation unit 304 generates correction data(second correction data) CD(z) using the unique code UC(z) of thesemiconductor device 310 and the common key CK(2). The basicconfiguration and operation of the correction data generation unit 304are the same as those of the correction data generation unit 214described in the eighth embodiment and redundant explanation thereof isomitted.

The semiconductor device 310 includes a unique code generation unit 311,a storage unit 312, and a common key generation unit 313. The uniquecode generation unit 311 generates a unique code UC(a) unique to thesemiconductor device 310 and outputs it to the correction datageneration unit 304 of the semiconductor device 300. The basicconfiguration and operation of the unique code generation unit 311 arethe same as those of the unique code generation unit 211 described inthe eighth embodiment and redundant explanation thereof is omitted.

The storage unit 312 can have the common key CK(2) generated in thecommon key generation unit 313. The storage unit 312 stores the commonkey CK(2) in a volatile memory. Thus, although the storage unit 312temporarily stores the common key CK(2), information of the common keyCK(2) is erased when the semiconductor device 310 is powered off. Notethat the common key CK(2) may be stored in a nonvolatile memoryaccording to need after taking security measures such as encryption, andmeasures such as erasing data by writing at power-off of thesemiconductor device 310 may be done on the common key CK(2) stored inthe nonvolatile memory.

The common key generation unit 313 generates the common key CK(2) usingthe unique code UC(z) output from the unique code generation unit 311and the correction data CD(z) output from the correction data generationunit 304. The common key generation unit 313 functions as a unique codecorrection unit. The basic configuration and operation of the common keygeneration unit 313 are the same as those of the common key generationunit 213 described in the eighth embodiment and redundant explanationthereof is omitted.

An operation of the cryptographic communication system according to thisembodiment is described hereinafter with reference to the flowchart ofFIG. 31. First, the common key generation unit 303 of the semiconductordevice ICa (300) generates the common key CK(1) using the unique codeUC(a) output from the unique code generation unit 301 and the correctiondata CD(1) stored in the storage unit 302 (Step S171). Then, thesemiconductor device ICa (300) starts communication with othersemiconductor devices ICb to ICy (third semiconductor device) using thecommon key CK(1) (Step S172).

The semiconductor device 310 transmits the unique code UC(z) of thesemiconductor device 310 to the correction data generation unit 304 ofthe semiconductor device 300 (Step S173). The common key generation unit303 of the semiconductor device 300 generates the common key CK(2) usingthe unique code UC(a) output from the unique code generation unit 301and the correction data CD(2) stored in the storage unit 302 (StepS174). Then, the correction data generation unit 304 of thesemiconductor device 300 generates the correction data CD(z) using theunique code UC(z) of the semiconductor device 310 and the common keyCK(2) (Step S175). For the correction data generation unit 304 togenerate the correction data CD(z), it is necessary to acquire theunique code UC(z) a plurality of times. Thus, Step S173 is repeated toacquire the unique code UC(z) a plurality of times.

The generated correction data CD(z) is transmitted to the common keygeneration unit 313 of the semiconductor device 310 (Step S176). Thecommon key generation unit 313 of the semiconductor device 310 generatesthe common key CK(2) using the unique code UC(z) output from the uniquecode generation unit 311 and the correction data CD(z) output from thecorrection data generation unit 304 (Step S177). By the above process,both of the semiconductor device 300 and the semiconductor device 310can have the common key CK(2). Thus, the added semiconductor device 310becomes able to perform cryptographic communication with thesemiconductor device 300 using the common key CK(2) (Step S178). On theother hand, the semiconductor device 300 and the semiconductor devicesICb to ICy perform communication using the common key CK(1).

FIG. 32 is a block diagram showing an example of a configuration of thecryptographic communication system according to this embodiment. Asshown in FIG. 32, the semiconductor device ICa and the semiconductordevices ICb and ICc communicate using the common key CK(1) and establisha secure network. Further, the added semiconductor device ICzcommunicates with the semiconductor device ICa using the common keyCK(2). Thus, the semiconductor device ICa functions as a router, so thatthe added semiconductor device ICz can perform cryptographiccommunication with the semiconductor devices ICb and ICc through thesemiconductor device ICa.

As described above, in the cryptographic communication system accordingto this embodiment, the correction data generation unit 304 of thesemiconductor device 400 generates the correction data CD(z) using theunique code UC(z) unique to the semiconductor device 310 and the commonkey CK(2), and the common key generation unit 313 of the semiconductordevice 310 generates the common key CK(2) using the correction dataCD(z) and the unique code UC(z) of the semiconductor device 310. Thereis thus no need to incorporate an expensive secure server into thecryptographic communication system in order to verify whether thesemiconductor device ICz to be added is a proper semiconductor device,and it is possible to add the semiconductor device easily and at lowcost to the cryptographic communication system in which securecommunication is performed.

Further, in the cryptographic communication system according to thisembodiment, because important data such as the common keys CK(1) andCK(2) is not directly stored in the storage units 302 and 312, leakageof the important data such as the common keys CK(1) and CK(2) does notoccur even if unauthorized analysis of the semiconductor device is made.Therefore, even when the semiconductor device 300 and the semiconductordevice 310 are configured using general-purpose microcomputers with arelatively low security level, a high security level can be achieved.

Note that the correction data CD(1) and CD(2) used to generate thecommon keys CK(1) and CK(2) are information with a relatively highsecurity level, though the security level is lower than that of thecommon keys CK(1) and CK(2). Thus, the security microcomputer may beused for the semiconductor device 300 in which the correction data CD(1)and CD(2) are stored in order to prevent leakage of the correction dataCD(1) and CD(2) to a third party.

Further, the correction data CD(z) that is transmitted from thesemiconductor device 300 to the semiconductor device 310 is informationwith a relatively high security level because it is related data to theunique code UC(z) and the common key CK(2). Thus, when transmitting thecorrection data CD(z) from the semiconductor device 300 to thesemiconductor device 310, the correction data CD(z) may be encryptedbefore transmission using the public key cryptosystem.

As described above, according to the embodiment of the presentinvention, it is possible to provide the cryptographic communicationsystem and the cryptographic communication method that can easily add asemiconductor device to the cryptographic communication system in whichsecure communication is performed.

Thirteenth Embodiment

A thirteenth embodiment of the present invention is describedhereinafter. FIG. 33 is a block diagram showing a case where thecryptographic communication system according to the eighth to twelfthembodiment is applied to a vehicle-mounted semiconductor device. Asshown in FIG. 33, a vehicle 360 includes a gateway unit 350, a faultdiagnostic unit 351, an engine control unit 352, a brake control unit353, a lamp control unit 354, a door lock control unit 355, and a keyinsertion control unit 356.

The gateway unit 350 is equipment for relaying a network composed of theunits 351 to 356. A secure microcomputer ICa is included in the gatewayunit 350. The fault diagnostic unit 351 is a unit for making a diagnosiswhether the components of the vehicle 360 are at fault. A semiconductordevice ICb is included in the fault diagnostic unit 351. The enginecontrol unit 352 is a unit for making electrical control (fuel supply,ignition timing control etc.) of engine operation in a comprehensivemanner. A semiconductor device ICc is included in the engine controlunit 352. The brake control unit 353 is a unit for controlling a brakesuch as ABS (Antilock Brake System). A semiconductor device ICd isincluded in the brake control unit 353. The lamp control unit 354 is aunit for controlling a headlight, winker and the like of the vehicle. Asemiconductor device ICe is included in the lamp control unit 354.

The door lock control unit 355 is a unit for controlling door lock. Asemiconductor device ICf and a communication unit for radiocommunication with a key 357 are included in the door lock control unit355. The key insertion control unit 356 is a unit for determiningwhether the inserted key is a valid user key or not. A semiconductordevice ICg and a communication unit for radio communication with the key357 are included in the key insertion control unit 356. A semiconductordevice ICh and a communication unit are included in the key 357.General-purpose microcomputers, for example, may be used for thesemiconductor devices ICb to ICh that are included in the respectiveunits 351 to 356 and the key 357.

The fault diagnostic unit 351, the engine control unit 352, the brakecontrol unit 353, the lamp control unit 354, the door lock control unit355 and the key insertion control unit 356 are connected to the gatewayunit 350, and the respective units 351 to 356 are configured to be ableto communicate with one another through the gateway unit 350. The commonkey that is used for communication between the respective units 351 to356 and the gateway unit 350 may differ from unit to unit. For example,a common key A may be used for communication between the faultdiagnostic unit 351 and the gateway unit 350, and a common key B may beused for communication between the engine control unit 352 and thegateway unit 350.

The gateway unit (ICa) 350 and the respective units (ICb to ICg) 351 to356 establish a secure network. When adding a car navigation system 358that includes a semiconductor device ICz to the secure network, use ofthe method described in the eighth to twelfth embodiments allows the carnavigation system (ICz) 358 to be added to the secure network easily andat low cost.

In the example shown in FIG. 33, the configuration in which the units351 to 356 and the car navigation system 358 perform communicationthrough the gateway unit 350 is shown. However, the units 351 to 356 andthe car navigation system 358 may communicate with one another using thesame common key. In this case, the units 351 to 356 and the carnavigation system 358 are configured to be connected to one anotherthrough a common bus, for example. It is further applicable tocommunication between various units different from the units shown inFIG. 33.

It should be noted that the case where the cryptographic communicationsystem according to the first to sixth embodiments and the eighth totwelfth embodiments is applied to a vehicle-mounted semiconductor deviceis described in this embodiment. However, the cryptographiccommunication system according to the first to sixth embodiments and theeighth to twelfth embodiments may be applied also to a typical LAN,smart meter, smart grid, contactless IC card and the like, not limitedto a vehicle-mounted semiconductor device. The semiconductor devicesthat constitute the cryptographic communication system may communicatewith one another via wired or wireless connections. Further, the firstto thirteenth embodiments can be combined as desirable by one ofordinary skill in the art.

While the invention has been described in terms of several embodiments,those skilled in the art will recognize that the invention can bepracticed with various modifications within the spirit and scope of theappended claims and the invention is not limited to the examplesdescribed above.

Further, the scope of the claims is not limited by the embodimentsdescribed above.

Furthermore, it is noted that, Applicant's intent is to encompassequivalents of all claim elements, even if amended later duringprosecution.

1-35. (canceled)
 36. A cryptographic communication system including afirst semiconductor device and a second semiconductor device, the firstsemiconductor device comprising: a first common key generation unit thatgenerates a first common key by using a first unique code having a valueunique to the first semiconductor device and containing a random errorand first correction data for correcting the first unique code; and acorrection data generation unit that generates second correction datafor correcting a second unique code by using the first common keygenerated in the first common key generation unit and a second uniquecode having a value unique to the second semiconductor device andcontaining a random error, and the second semiconductor devicecomprising: a second common key generation unit that generates the firstcommon key by using the second unique code and the second correctiondata.
 37. The cryptographic communication system according to claim 36,wherein the second semiconductor device further includes an encryptionunit that encrypts the second unique code by using a public key of thefirst semiconductor device, and the first semiconductor device furtherincludes a decryption unit that decrypts the second unique codeencrypted in the encryption unit by using a secret key of the firstsemiconductor device.
 38. The cryptographic communication systemaccording to claim 36, wherein the cryptographic communication systemfurther includes a server including a database that stores public keysof respective semiconductor devices in association with the respectivesemiconductor devices, the second semiconductor device generatessignature data by using a secret key of the second semiconductor deviceand a plain text, and the first semiconductor device further includes averification unit that generates verification data by using thesignature data of the second semiconductor device and a public key ofthe second semiconductor device transmitted from the server, andcompares the verification data with the plain text.
 39. Thecryptographic communication system according to claim 37, wherein theencryption unit included in the second semiconductor device furtherencrypts a correction data generation program for generating secondcorrection data using the first common key generated in the first commonkey generation unit and the second unique code by using the public keyof the first semiconductor device, the decryption unit included in thefirst semiconductor device further decrypts the encrypted correctiondata generation program by using the secret key of the firstsemiconductor device, and the first semiconductor device executes thedecrypted correction data generation program and generates the secondcorrection data by using the first common key and the second uniquecode.
 40. The cryptographic communication system according to claim 36,wherein the first semiconductor device and the second semiconductordevice communicate using the first common key.
 41. The cryptographiccommunication system according to claim 40, wherein the first common keygeneration unit further generates a second common key by using the firstunique code unique to the first semiconductor device and thirdcorrection data, and the first semiconductor device communicates withthe third semiconductor device using the second common key, and thesecond semiconductor device communicates with the third semiconductordevice through the first semiconductor device.
 42. The cryptographiccommunication system according to claim 36, wherein the first correctiondata includes first mask data for masking a bit with a high error rateamong bits of the first unique code, and a first error correction codefor correcting a bit with a low error rate among bits of the firstunique code.
 43. The cryptographic communication system according toclaim 42, wherein the first correction data further includes a firstoperation parameter for performing a specified operation on the firstunique code error-corrected using the first mask data and the firsterror correction code.
 44. The cryptographic communication systemaccording to claim 43, wherein the first common key generation unitmasks the first unique code using the first mask data, corrects an errorof the masked first unique code using the first error correction code,and performs an operation on the first unique code error-corrected usingthe first mask data and the first error correction code by using thefirst operation parameter.
 45. The cryptographic communication systemaccording to claim 36, wherein the second correction data is transmittedfrom the first semiconductor device to the second semiconductor devicein an encrypted state.
 46. The cryptographic communication systemaccording to claim 36, wherein the correction data generation unitacquires the second unique code a plurality of times, generates secondmask data for masking a bit with a high error rate among bits of theacquired second unique code, generates a second error correction codefor correcting a bit with a low error rate among bits of the acquiredsecond unique code, and generates a second operation parameter by usingthe first common key and the second unique code error-corrected usingthe second mask data and the second error correction code.
 47. Thecryptographic communication system according to claim 46, wherein aprocess of generating correction data is executed in a distributedmanner among a plurality of semiconductor devices.
 48. The cryptographiccommunication system according to claim 36, wherein the firstsemiconductor device is configured using a secure microcomputer.
 49. Thecryptographic communication system according to claim 36, wherein thefirst and second semiconductor devices are configured usinggeneral-purpose microcomputers.
 50. The cryptographic communicationsystem according to claim 36, wherein the first and second semiconductordevices are vehicle-mounted microcomputers.
 51. The cryptographiccommunication system according to claim 36, wherein the firstsemiconductor device is a vehicle-mounted microcomputer forming anin-vehicle network, and the second semiconductor device is a carnavigation system.
 52. A cryptographic communication method using afirst semiconductor device and a second semiconductor device,comprising: in the first semiconductor device, generating a first commonkey by using a first unique code having a value unique to the firstsemiconductor device and containing a random error and first correctiondata for correcting the first unique code; generating second correctiondata for correcting a second unique code by using the generated firstcommon key and a second unique code having a value unique to the secondsemiconductor device and containing a random error; and in the secondsemiconductor device, generating the first common key by using thesecond unique code and the second correction data.
 53. The cryptographiccommunication method according to claim 52, further comprising:encrypting the second unique code by using a public key of the firstsemiconductor device in the second semiconductor device, and decryptingthe encrypted second unique code by using a secret key of the firstsemiconductor device in the first semiconductor device.
 54. Thecryptographic communication method according to claim 52, furthercomprising: generating signature data by using a secret key of thesecond semiconductor device and a plain text in the second semiconductordevice; and generating verification data by using a public key of thesecond semiconductor device transmitted from a server including adatabase that stores public keys of respective semiconductor devices inassociation with the respective semiconductor devices and the signaturedata of the second semiconductor device, and comparing the verificationdata with the plain text.
 55. The cryptographic communication methodaccording to claim 53, further comprising: in the second semiconductordevice, encrypting a correction data generation program for generatingthe second correction data using the first common key and the secondunique code by using the public key of the first semiconductor device;in the first semiconductor device, decrypting the encrypted correctiondata generation program; and executing the decrypted correction datageneration program and generating the second correction data by usingthe first common key and the second unique code.
 56. The cryptographiccommunication method according to claim 52, wherein the firstsemiconductor device and the second semiconductor device communicateusing the first common key.
 57. The cryptographic communication methodaccording to claim 56, further comprising: generating a second commonkey by using the first unique code unique to the first semiconductordevice and third correction data in the first common key generationunit, wherein the first semiconductor device communicates with a thirdsemiconductor device using the second common key, and the secondsemiconductor device communicates with the third semiconductor devicethrough the first semiconductor device.